Skocz do zawartości
Niemiec

Problem z kompem ;)

Rekomendowane odpowiedzi

Komputer restartuje niezbyt czesto, dzisiaj mialo to miejsce i po restarcie tak na szybko zauwazylem, ze pasek boczny nie chce wystartowac, norton sie wysypal a w IE nie laczy sie z siecia i komp jakby spowolnil wiec mniemam, ze cos jest nie tak. Prosze o pomoc 8O

 

OTL

 

 

OTL logfile created on: 2010-07-27 23:33:21 - Run 1

OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Kamil\Desktop\vir

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 90,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,86 Gb Total Space | 28,88 Gb Free Space | 59,11% Space Free | Partition Type: NTFS

Drive D: | 92,01 Gb Total Space | 80,34 Gb Free Space | 87,31% Space Free | Partition Type: NTFS

Drive E: | 92,02 Gb Total Space | 65,64 Gb Free Space | 71,33% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KAMIL-PC

Current User Name: Kamil

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010-07-27 23:30:03 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

PRC - [2010-06-30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2009-06-04 01:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe

PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009-02-23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

PRC - [2008-09-10 23:15:26 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 7600 Series\ezprint.exe

PRC - [2008-09-10 23:15:24 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmon.exe

PRC - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdwcoms.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010-07-27 23:30:03 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)

SRV - [2010-02-26 20:23:23 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010-02-26 19:24:59 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2009-02-23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxdwcoms.exe -- (lxdw_device)

SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stop_Pending] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2008-01-19 09:33:32 | 000,060,928 | --S- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\amstreamv.exe -- (SCardSvrupnphost)

SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS -- (SYMNDISV)

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\DRIVERS\SymIMv.sys -- (SymIM)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)

DRV - File not found [File_System | Boot | Stopped] -- C:\Windows\System32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100726.041\NAVEX15.SYS -- (NAVEX15)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100726.041\NAVENG.SYS -- (NAVENG)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys -- (IDSVix86)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btwusb.sys -- (BTWUSB)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)

DRV - [2010-04-03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-03-06 21:20:57 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010-01-20 17:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)

DRV - [2010-01-20 17:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2009-06-04 03:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)

DRV - [2009-06-04 03:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)

DRV - [2009-06-04 03:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2009-06-04 03:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV - [2009-06-04 03:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2009-06-04 03:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)

DRV - [2009-06-04 03:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2009-06-04 03:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)

DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-01-19 08:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007-03-24 12:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)

DRV - [2007-03-15 16:41:14 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)

DRV - [2006-11-02 14:00:28 | 000,017,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88tune_IBV32.sys -- (CXTUNE)

DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2006-10-18 23:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2006-02-07 20:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)

DRV - [2005-08-11 08:13:00 | 000,163,584 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88vid.sys -- (CX23880)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-07-10 00:13:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)

O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()

O4 - HKCU..\Run: [{CE701BBE-CCDF-7A2C-7B9D-058FE208426D}] C:\Users\Kamil\AppData\Roaming\Ilpu\qufa.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.63.9 82.139.8.7

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-07-27 23:27:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\vir

[2010-07-27 23:24:24 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\nis

[2010-07-27 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Symantec

[2010-07-27 22:14:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Need for Speed World

[2010-07-27 22:04:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Electronic_Arts_Inc

[2010-07-26 20:19:58 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Ilpu

[2010-07-26 20:19:58 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Axgoid

[2010-07-26 19:41:05 | 000,000,000 | ---D | C] -- C:\logs

[2010-07-25 13:55:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010-07-23 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\CoreTemp32

[2010-07-10 16:55:39 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\fotki rozne

[2010-07-09 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\ACD Systems

[2010-07-09 19:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems

[2010-07-09 19:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ACD Systems

[2010-07-09 19:31:32 | 000,000,000 | ---D | C] -- C:\Program Files\ACD Systems

[2010-07-09 18:57:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Softplicity

[2010-07-09 18:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\TotalCADConverter

[2010-07-09 16:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010-07-09 16:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mystik Media

[2010-07-09 16:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Soft Gold

[2010-07-08 22:01:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010-07-01 18:59:34 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\gtk-2.0

[2010-07-01 18:28:33 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.thumbnails

[2010-07-01 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\gegl-0.0

[2010-07-01 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.gimp-2.6

[2010-07-01 16:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0

[2010-07-01 16:39:50 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\mapka

[2010-06-30 22:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack

[2010-03-20 17:20:25 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDWhcp.dll

[2010-03-20 17:20:25 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdwinpa.dll

[2010-03-20 17:20:24 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxdwserv.dll

[2010-03-20 17:20:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwusb1.dll

[2010-03-20 17:20:24 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwiesc.dll

[2010-03-20 17:20:23 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdwpmui.dll

[2010-03-20 17:20:23 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdwlmpm.dll

[2010-03-20 17:20:22 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxdwhbn3.dll

[2010-03-20 17:20:17 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomc.dll

[2010-03-20 17:20:17 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomm.dll

[2009-06-04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll

 

========== Files - Modified Within 30 Days ==========

 

[2010-07-27 23:33:39 | 001,835,008 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT

[2010-07-27 23:23:58 | 000,000,000 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini

[2010-07-27 23:22:24 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010-07-27 23:22:24 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010-07-27 23:22:17 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010-07-27 23:22:17 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010-07-27 23:22:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-07-27 23:22:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-07-27 22:53:05 | 000,524,288 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms

[2010-07-27 22:53:05 | 000,065,536 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

[2010-07-27 22:53:05 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-07-27 22:53:05 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-07-27 22:53:05 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-07-27 22:37:32 | 002,104,896 | -H-- | M] () -- C:\Users\Kamil\AppData\Local\IconCache.db

[2010-07-27 22:33:18 | 000,269,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-07-27 22:03:52 | 000,000,725 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk

[2010-07-27 16:55:16 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-07-27 16:55:16 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-07-27 16:55:16 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-07-27 16:55:16 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-07-27 16:55:16 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-07-27 16:51:16 | 000,021,960 | ---- | M] () -- C:\Users\Kamil\Desktop\paczek.jpg

[2010-07-26 20:20:36 | 000,000,100 | --S- | M] () -- C:\Windows\System32\3060359707.dat

[2010-07-26 18:27:01 | 000,029,184 | ---- | M] () -- C:\Users\Kamil\Desktop\ksiegowe.xls

[2010-07-24 20:33:10 | 000,028,160 | ---- | M] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-23 23:37:36 | 000,019,456 | ---- | M] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-07-20 12:44:28 | 000,164,937 | ---- | M] () -- C:\Users\Kamil\Desktop\podanie.pdf

[2010-07-14 20:02:03 | 000,026,624 | ---- | M] () -- C:\Users\Kamil\Desktop\oswiadczenie rach.doc

[2010-07-10 22:13:34 | 000,037,459 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_30931.jpg

[2010-07-10 21:44:02 | 000,037,812 | ---- | M] () -- C:\Users\Kamil\Desktop\Zdjęcie104.jpg

[2010-07-10 00:45:56 | 004,065,670 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_3093.JPG

[2010-07-09 22:02:03 | 000,073,693 | ---- | M] () -- C:\Users\Kamil\Desktop\YIELD2.jpg

[2010-07-09 21:57:55 | 000,003,542 | ---- | M] () -- C:\Users\Kamil\Desktop\YIELD.CGM

[2010-07-09 16:16:33 | 000,059,280 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT

[2010-07-08 08:36:40 | 000,047,677 | ---- | M] () -- C:\Users\Kamil\Documents\2.prn

[2010-07-07 16:42:09 | 000,058,281 | ---- | M] () -- C:\Users\Kamil\Desktop\1278366559_by_raynavan_500.jpg

[2010-07-02 18:16:28 | 000,005,219 | ---- | M] () -- C:\Users\Kamil\.recently-used.xbel

 

========== Files Created - No Company Name ==========

 

[2010-07-27 23:23:58 | 000,000,000 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini

[2010-07-27 22:03:52 | 000,000,725 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk

[2010-07-27 16:49:06 | 000,021,960 | ---- | C] () -- C:\Users\Kamil\Desktop\paczek.jpg

[2010-07-26 20:18:33 | 000,000,100 | --S- | C] () -- C:\Windows\System32\3060359707.dat

[2010-07-24 19:31:54 | 000,028,160 | ---- | C] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-20 12:40:18 | 000,164,937 | ---- | C] () -- C:\Users\Kamil\Desktop\podanie.pdf

[2010-07-14 19:59:46 | 000,026,624 | ---- | C] () -- C:\Users\Kamil\Desktop\oswiadczenie rach.doc

[2010-07-10 21:43:37 | 000,037,812 | ---- | C] () -- C:\Users\Kamil\Desktop\Zdjęcie104.jpg

[2010-07-10 16:58:25 | 000,037,459 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_30931.jpg

[2010-07-10 16:57:28 | 004,065,670 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_3093.JPG

[2010-07-09 22:01:58 | 000,073,693 | ---- | C] () -- C:\Users\Kamil\Desktop\YIELD2.jpg

[2010-07-09 21:57:55 | 000,003,542 | ---- | C] () -- C:\Users\Kamil\Desktop\YIELD.CGM

[2010-07-08 08:42:14 | 000,047,677 | ---- | C] () -- C:\Users\Kamil\Documents\2.prn

[2010-07-07 16:42:09 | 000,058,281 | ---- | C] () -- C:\Users\Kamil\Desktop\1278366559_by_raynavan_500.jpg

[2010-07-02 18:16:28 | 000,005,219 | ---- | C] () -- C:\Users\Kamil\.recently-used.xbel

[2010-04-25 02:49:15 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Dvbpws.dll

[2010-03-20 17:33:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdwvs.dll

[2010-03-20 17:20:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDWinst.dll

[2010-03-20 17:20:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdwgrd.dll

[2010-03-20 17:17:33 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdwcoin.dll

[2010-03-06 14:21:47 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2010-03-06 14:21:46 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2010-03-06 14:21:46 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2010-03-06 02:53:54 | 000,000,303 | ---- | C] () -- C:\Windows\game.ini

[2010-03-03 21:46:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010-02-27 12:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-27 03:53:52 | 000,000,509 | ---- | C] () -- C:\Windows\WINCMD.INI

[2010-02-26 19:24:18 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL

[2010-02-26 19:24:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL

[2010-02-26 19:01:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2010-02-26 19:01:26 | 000,012,358 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2010-02-26 19:01:20 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009-06-04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini

[2009-06-04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL

[2009-05-27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini

[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll

[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

 

 

 

EDIT

przy probie zrobienia loga gmerem dwa razy dostalem BSOD

Edytowane przez Niemiec

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

MBAM

 

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Wersja bazy: 4363

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18928

 

2010-07-28 22:11:36

mbam-log-2010-07-28 (22-11-36).txt

 

Typ skanowania: Pełne skanowanie (C:\|)

Przeskanowano obiektów: 213359

Upłynęło: 35 minut(y), 49 sekund(y)

 

Zainfekowanych procesów w pamięci: 0

Zainfekowanych modułów w pamięci: 0

Zainfekowanych kluczy rejestru: 0

Zainfekowanych wartości rejestru: 0

Zainfekowane informacje rejestru systemowego: 0

Zainfekowanych folderów: 0

Zainfekowanych plików: 0

 

Zainfekowanych procesów w pamięci:

(Nie znaleziono zagrożeń)

 

Zainfekowanych modułów w pamięci:

(Nie znaleziono zagrożeń)

 

Zainfekowanych kluczy rejestru:

(Nie znaleziono zagrożeń)

 

Zainfekowanych wartości rejestru:

(Nie znaleziono zagrożeń)

 

Zainfekowane informacje rejestru systemowego:

(Nie znaleziono zagrożeń)

 

Zainfekowanych folderów:

(Nie znaleziono zagrożeń)

 

Zainfekowanych plików:

(Nie znaleziono zagrożeń)

 

 

 

edit:

cureit

post-5013-091782700 1280350831_thumb.jpg

 

EDIT

bylo w sumie przez chwile ok, ale po kolejnym restarcie znow lipa. norton nie chce wystartowac, sidebar tez.

 

otl

 

 

OTL logfile created on: 2010-07-29 06:31:18 - Run 2

OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Kamil\Desktop\vir

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,86 Gb Total Space | 28,59 Gb Free Space | 58,51% Space Free | Partition Type: NTFS

Drive D: | 92,01 Gb Total Space | 82,06 Gb Free Space | 89,19% Space Free | Partition Type: NTFS

Drive E: | 92,02 Gb Total Space | 65,64 Gb Free Space | 71,33% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KAMIL-PC

Current User Name: Kamil

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010-07-27 23:30:03 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

PRC - [2009-06-04 01:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe

PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009-02-23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

PRC - [2008-09-10 23:15:26 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 7600 Series\ezprint.exe

PRC - [2008-09-10 23:15:24 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmon.exe

PRC - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdwcoms.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010-07-27 23:30:03 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010-07-28 06:33:09 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)

SRV - [2010-02-26 20:23:23 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010-02-26 19:24:59 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2009-02-23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxdwcoms.exe -- (lxdw_device)

SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stop_Pending] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\DRIVERS\SymIMv.sys -- (SymIM)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100728.002\NAVEX15.SYS -- (NAVEX15)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100728.002\NAVENG.SYS -- (NAVENG)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btwusb.sys -- (BTWUSB)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010-07-28 06:33:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)

DRV - [2010-07-28 06:33:10 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)

DRV - [2010-07-28 06:33:10 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)

DRV - [2010-07-28 06:33:10 | 000,217,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)

DRV - [2010-07-28 06:33:10 | 000,089,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)

DRV - [2010-07-28 06:33:10 | 000,048,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS -- (SYMNDISV)

DRV - [2010-07-28 06:33:10 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV - [2010-07-28 06:33:09 | 000,482,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)

DRV - [2010-07-28 06:33:09 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)

DRV - [2010-07-28 00:12:22 | 000,122,104 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\dwprot.sys -- (DwProt)

DRV - [2010-07-27 12:27:58 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)

DRV - [2010-07-27 12:27:58 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2010-07-06 03:15:40 | 000,344,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100726.001\IDSvix86.sys -- (IDSVix86)

DRV - [2010-04-03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010-01-20 17:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)

DRV - [2010-01-20 17:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2009-06-04 03:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)

DRV - [2009-06-04 03:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)

DRV - [2009-06-04 03:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2009-06-04 03:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV - [2009-06-04 03:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2009-06-04 03:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)

DRV - [2009-06-04 03:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2009-06-04 03:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)

DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-01-19 08:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007-03-24 12:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)

DRV - [2007-03-15 16:41:14 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)

DRV - [2006-11-02 14:00:28 | 000,017,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88tune_IBV32.sys -- (CXTUNE)

DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2006-10-18 23:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2006-02-07 20:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)

DRV - [2005-08-11 08:13:00 | 000,163,584 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88vid.sys -- (CX23880)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-07-10 00:13:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)

O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.63.9 82.139.8.7

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-07-28 22:13:08 | 000,000,000 | ---D | C] -- C:\Users\Kamil\DoctorWeb

[2010-07-28 21:29:03 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Malwarebytes

[2010-07-28 21:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-07-28 21:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010-07-28 07:51:56 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.sys

[2010-07-28 07:51:56 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.sys

[2010-07-28 07:51:56 | 000,217,136 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symtdi.sys

[2010-07-28 07:51:56 | 000,089,904 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symfw.sys

[2010-07-28 07:51:56 | 000,048,688 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndisv.sys

[2010-07-28 07:51:56 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.sys

[2010-07-28 07:51:56 | 000,036,400 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndis.sys

[2010-07-28 07:51:56 | 000,033,072 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symids.sys

[2010-07-28 07:51:55 | 000,482,432 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\cchpx86.sys

[2010-07-28 07:51:55 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.sys

[2010-07-28 07:51:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0308000.029

[2010-07-28 06:33:22 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll

[2010-07-28 06:32:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360

[2010-07-28 06:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360

[2010-07-28 06:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller

[2010-07-28 06:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline

[2010-07-27 23:57:27 | 000,122,104 | ---- | C] (Doctor Web, Ltd.) -- C:\Windows\System32\drivers\dwprot.sys

[2010-07-27 23:49:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010-07-27 23:27:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\vir

[2010-07-27 23:24:24 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\nis

[2010-07-27 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Symantec

[2010-07-27 22:14:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Need for Speed World

[2010-07-27 22:04:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Electronic_Arts_Inc

[2010-07-26 20:19:58 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Axgoid

[2010-07-26 19:41:05 | 000,000,000 | ---D | C] -- C:\logs

[2010-07-25 13:55:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010-07-23 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\CoreTemp32

[2010-07-10 16:55:39 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\fotki rozne

[2010-07-09 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\ACD Systems

[2010-07-09 19:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems

[2010-07-09 18:57:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Softplicity

[2010-07-09 16:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010-07-09 16:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mystik Media

[2010-07-09 16:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Soft Gold

[2010-07-08 22:01:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010-07-01 18:59:34 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\gtk-2.0

[2010-07-01 18:28:33 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.thumbnails

[2010-07-01 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\gegl-0.0

[2010-07-01 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.gimp-2.6

[2010-07-01 16:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0

[2010-07-01 16:39:50 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\mapka

[2010-06-30 22:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack

[2010-03-20 17:20:25 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDWhcp.dll

[2010-03-20 17:20:25 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdwinpa.dll

[2010-03-20 17:20:24 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxdwserv.dll

[2010-03-20 17:20:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwusb1.dll

[2010-03-20 17:20:24 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwiesc.dll

[2010-03-20 17:20:23 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdwpmui.dll

[2010-03-20 17:20:23 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdwlmpm.dll

[2010-03-20 17:20:22 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxdwhbn3.dll

[2010-03-20 17:20:17 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomc.dll

[2010-03-20 17:20:17 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomm.dll

[2009-06-04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll

 

========== Files - Modified Within 30 Days ==========

 

[2010-07-29 06:31:42 | 001,835,008 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT

[2010-07-29 06:31:13 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010-07-29 06:31:12 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010-07-29 06:31:01 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010-07-29 06:31:01 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010-07-29 06:30:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-07-29 06:30:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-07-29 06:08:53 | 001,513,900 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\Cat.DB

[2010-07-29 00:05:57 | 002,121,785 | -H-- | M] () -- C:\Users\Kamil\AppData\Local\IconCache.db

[2010-07-28 23:31:38 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010-07-28 23:14:28 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-07-28 23:14:28 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-07-28 23:14:28 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-07-28 23:14:27 | 000,524,288 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms

[2010-07-28 23:14:27 | 000,065,536 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

[2010-07-28 16:30:47 | 000,029,184 | ---- | M] () -- C:\Users\Kamil\Desktop\ksiegowe.xls

[2010-07-28 07:51:39 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\isolate.ini

[2010-07-28 06:58:47 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-07-28 06:58:47 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-07-28 06:58:47 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-07-28 06:58:47 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-07-28 06:58:47 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-07-28 06:33:18 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS

[2010-07-28 06:33:18 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT

[2010-07-28 06:33:18 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF

[2010-07-28 06:33:10 | 000,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.sys

[2010-07-28 06:33:10 | 000,308,272 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.sys

[2010-07-28 06:33:10 | 000,217,136 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symtdi.sys

[2010-07-28 06:33:10 | 000,089,904 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symfw.sys

[2010-07-28 06:33:10 | 000,048,688 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndisv.sys

[2010-07-28 06:33:10 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.sys

[2010-07-28 06:33:10 | 000,036,400 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndis.sys

[2010-07-28 06:33:10 | 000,033,072 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symids.sys

[2010-07-28 06:33:09 | 000,482,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\cchpx86.sys

[2010-07-28 06:33:09 | 000,259,632 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.sys

[2010-07-28 06:33:07 | 000,107,368 | R--- | M] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll

[2010-07-28 06:33:03 | 000,003,373 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.inf

[2010-07-28 06:33:03 | 000,001,752 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.inf

[2010-07-28 06:33:03 | 000,001,562 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNetV.inf

[2010-07-28 06:33:03 | 000,001,561 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.inf

[2010-07-28 06:33:03 | 000,001,388 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.inf

[2010-07-28 06:33:03 | 000,001,382 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.inf

[2010-07-28 06:33:03 | 000,000,640 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.inf

[2010-07-28 06:32:58 | 000,009,412 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\symnetv.cat

[2010-07-28 06:32:58 | 000,009,402 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.cat

[2010-07-28 06:32:58 | 000,007,431 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.cat

[2010-07-28 06:32:58 | 000,007,429 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.cat

[2010-07-28 06:32:58 | 000,007,425 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.cat

[2010-07-28 06:32:58 | 000,007,400 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.CAT

[2010-07-28 06:32:58 | 000,007,383 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.cat

[2010-07-28 00:12:22 | 000,122,104 | ---- | M] (Doctor Web, Ltd.) -- C:\Windows\System32\drivers\dwprot.sys

[2010-07-27 23:52:46 | 214,118,360 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2010-07-27 22:33:18 | 000,269,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-07-27 16:51:16 | 000,021,960 | ---- | M] () -- C:\Users\Kamil\Desktop\paczek.jpg

[2010-07-26 20:20:36 | 000,000,100 | --S- | M] () -- C:\Windows\System32\3060359707.dat

[2010-07-24 20:33:10 | 000,028,160 | ---- | M] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-23 23:37:36 | 000,019,456 | ---- | M] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-07-20 12:44:28 | 000,164,937 | ---- | M] () -- C:\Users\Kamil\Desktop\podanie.pdf

[2010-07-14 20:02:03 | 000,026,624 | ---- | M] () -- C:\Users\Kamil\Desktop\oswiadczenie rach.doc

[2010-07-10 22:13:34 | 000,037,459 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_30931.jpg

[2010-07-10 21:44:02 | 000,037,812 | ---- | M] () -- C:\Users\Kamil\Desktop\Zdjęcie104.jpg

[2010-07-10 00:45:56 | 004,065,670 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_3093.JPG

[2010-07-09 22:02:03 | 000,073,693 | ---- | M] () -- C:\Users\Kamil\Desktop\YIELD2.jpg

[2010-07-09 21:57:55 | 000,003,542 | ---- | M] () -- C:\Users\Kamil\Desktop\YIELD.CGM

[2010-07-09 16:16:33 | 000,059,280 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT

[2010-07-08 08:36:40 | 000,047,677 | ---- | M] () -- C:\Users\Kamil\Documents\2.prn

[2010-07-07 16:42:09 | 000,058,281 | ---- | M] () -- C:\Users\Kamil\Desktop\1278366559_by_raynavan_500.jpg

[2010-07-02 18:16:28 | 000,005,219 | ---- | M] () -- C:\Users\Kamil\.recently-used.xbel

 

========== Files Created - No Company Name ==========

 

[2010-07-28 23:37:12 | 001,513,900 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\Cat.DB

[2010-07-28 23:31:38 | 000,002,145 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010-07-28 07:51:56 | 000,009,412 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\symnetv.cat

[2010-07-28 07:51:56 | 000,009,402 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.cat

[2010-07-28 07:51:56 | 000,007,431 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.cat

[2010-07-28 07:51:56 | 000,007,429 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.cat

[2010-07-28 07:51:56 | 000,007,425 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.cat

[2010-07-28 07:51:56 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.inf

[2010-07-28 07:51:56 | 000,001,562 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNetV.inf

[2010-07-28 07:51:56 | 000,001,561 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.inf

[2010-07-28 07:51:56 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.inf

[2010-07-28 07:51:56 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.inf

[2010-07-28 07:51:55 | 000,007,400 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.CAT

[2010-07-28 07:51:55 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.cat

[2010-07-28 07:51:55 | 000,001,752 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.inf

[2010-07-28 07:51:55 | 000,000,640 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.inf

[2010-07-28 07:51:39 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\isolate.ini

[2010-07-27 23:49:43 | 214,118,360 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2010-07-27 16:49:06 | 000,021,960 | ---- | C] () -- C:\Users\Kamil\Desktop\paczek.jpg

[2010-07-26 20:18:33 | 000,000,100 | --S- | C] () -- C:\Windows\System32\3060359707.dat

[2010-07-24 19:31:54 | 000,028,160 | ---- | C] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-20 12:40:18 | 000,164,937 | ---- | C] () -- C:\Users\Kamil\Desktop\podanie.pdf

[2010-07-14 19:59:46 | 000,026,624 | ---- | C] () -- C:\Users\Kamil\Desktop\oswiadczenie rach.doc

[2010-07-10 21:43:37 | 000,037,812 | ---- | C] () -- C:\Users\Kamil\Desktop\Zdjęcie104.jpg

[2010-07-10 16:58:25 | 000,037,459 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_30931.jpg

[2010-07-10 16:57:28 | 004,065,670 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_3093.JPG

[2010-07-09 22:01:58 | 000,073,693 | ---- | C] () -- C:\Users\Kamil\Desktop\YIELD2.jpg

[2010-07-09 21:57:55 | 000,003,542 | ---- | C] () -- C:\Users\Kamil\Desktop\YIELD.CGM

[2010-07-08 08:42:14 | 000,047,677 | ---- | C] () -- C:\Users\Kamil\Documents\2.prn

[2010-07-07 16:42:09 | 000,058,281 | ---- | C] () -- C:\Users\Kamil\Desktop\1278366559_by_raynavan_500.jpg

[2010-07-02 18:16:28 | 000,005,219 | ---- | C] () -- C:\Users\Kamil\.recently-used.xbel

[2010-04-25 02:49:15 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Dvbpws.dll

[2010-03-20 17:33:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdwvs.dll

[2010-03-20 17:20:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDWinst.dll

[2010-03-20 17:20:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdwgrd.dll

[2010-03-20 17:17:33 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdwcoin.dll

[2010-03-06 14:21:47 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2010-03-06 14:21:46 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2010-03-06 14:21:46 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2010-03-06 02:53:54 | 000,000,303 | ---- | C] () -- C:\Windows\game.ini

[2010-03-03 21:46:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010-02-27 12:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-27 03:53:52 | 000,000,509 | ---- | C] () -- C:\Windows\WINCMD.INI

[2010-02-26 19:24:18 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL

[2010-02-26 19:24:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL

[2010-02-26 19:01:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2010-02-26 19:01:26 | 000,012,358 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2010-02-26 19:01:20 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009-06-04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini

[2009-06-04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL

[2009-05-27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini

[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll

[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

 

 

Edytowane przez Niemiec

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

GMER

 

 

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover

Rootkit scan 2010-07-29 16:25:16

Windows 6.0.6002 Service Pack 2

Running: gmer.exe; Driver: C:\Users\Kamil\AppData\Local\Temp\kwlcqpod.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT 87EB1900 ZwAlertResumeThread

SSDT 87F22160 ZwAlertThread

SSDT 886330D8 ZwAllocateVirtualMemory

SSDT 87DE12B8 ZwAlpcConnectPort

SSDT 885EFFD0 ZwAssignProcessToJobObject

SSDT 886346A0 ZwCreateMutant

SSDT 885EFD50 ZwCreateSymbolicLinkObject

SSDT 87EBB8E0 ZwCreateThread

SSDT 88634378 ZwDebugActiveProcess

SSDT 88633230 ZwDuplicateObject

SSDT 88613EF0 ZwFreeVirtualMemory

SSDT 885EC1A0 ZwImpersonateAnonymousToken

SSDT 885EB318 ZwImpersonateThread

SSDT 87DD72B8 ZwLoadDriver

SSDT 88613E10 ZwMapViewOfSection

SSDT 886022B8 ZwOpenEvent

SSDT 8861C8A0 ZwOpenProcess

SSDT 87F19180 ZwOpenProcessToken

SSDT 88609068 ZwOpenSection

SSDT 8861AAC8 ZwOpenThread

SSDT 885EFF00 ZwProtectVirtualMemory

SSDT 87EAF238 ZwResumeThread

SSDT 87F17A20 ZwSetContextThread

SSDT 88634F80 ZwSetInformationProcess

SSDT 8860A748 ZwSetSystemInformation

SSDT 8858A108 ZwSuspendProcess

SSDT 87EBC7F0 ZwSuspendThread

SSDT 87E29908 ZwTerminateProcess

SSDT 87EBE300 ZwTerminateThread

SSDT 87EBD320 ZwUnmapViewOfSection

SSDT 88613FC0 ZwWriteVirtualMemory

SSDT 885EFE20 ZwCreateThreadEx

 

---- Devices - GMER 1.0.15 ----

 

AttachedDevice \FileSystem\Ntfs \Ntfs dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.)

AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

 

Device \FileSystem\cdfs \Cdfs A2EF205C

 

---- Registry - GMER 1.0.15 ----

 

Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{8e89e3c8-0374-45ca-8603-868d62913ab6}@Dhcpv6State 1

 

---- EOF - GMER 1.0.15 ----

 

 

 

zauwazylem, ze jak odlacze kabel sieciowy to komp uruchamia sie normalnie i programy tez chodza jak bozia przykazala. tak pewnie bedzie do nastepnego restartu.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

wlasnie puscilem

 

 

 

ComboFix 10-08-15.04 - Kamil 2010-08-20 21:30:07.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.48.1045.18.3326.2062 [GMT 2:00]

Uruchomiony z: c:\users\Kamil\Desktop\vir\ComboFix.exe

AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

SP: Norton 360 *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Utworzono nowy punkt przywracania

.

 

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\users\Kamil\AppData\Local\omlsvet.dll

c:\users\Kamil\AppData\Roaming\EurekaLog

c:\windows\system32\3060359707.dat

 

.

((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_PROCEXP141

 

 

((((((((((((((((((((((((( Pliki utworzone od 2010-07-20 do 2010-08-20 )))))))))))))))))))))))))))))))

.

 

2010-08-01 10:36 . 2010-08-01 10:48 -------- d-----w- C:\Dwa ogrody

2010-07-28 20:13 . 2010-07-28 20:13 -------- d-----w- c:\users\Kamil\DoctorWeb

2010-07-28 19:29 . 2010-07-28 19:29 -------- d-----w- c:\users\Kamil\AppData\Roaming\Malwarebytes

2010-07-28 19:28 . 2010-07-28 21:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-07-28 19:28 . 2010-07-28 19:28 -------- d-----w- c:\programdata\Malwarebytes

2010-07-28 04:33 . 2010-07-28 04:33 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys

2010-07-28 04:33 . 2010-07-28 04:33 107368 ----a-r- c:\windows\system32\GEARAspi.dll

2010-07-28 04:32 . 2010-07-28 22:11 -------- d-----w- c:\windows\system32\drivers\N360

2010-07-28 04:32 . 2010-07-28 04:33 -------- d-----w- c:\program files\Norton 360

2010-07-28 04:32 . 2010-07-28 04:32 -------- d-----w- c:\program files\NortonInstaller

2010-07-28 04:27 . 2010-07-28 04:32 -------- d-----w- c:\program files\SkanerOnline

2010-07-27 21:57 . 2010-07-27 22:12 122104 ----a-w- c:\windows\system32\drivers\dwprot.sys

2010-07-27 20:44 . 2010-07-27 20:44 -------- d-----w- c:\users\Kamil\AppData\Local\Symantec

2010-07-27 20:14 . 2010-07-27 20:14 -------- d-----w- c:\users\Kamil\AppData\Roaming\Need for Speed World

2010-07-27 20:04 . 2010-07-27 20:04 -------- d-----w- c:\users\Kamil\AppData\Local\Electronic_Arts_Inc

2010-07-26 18:19 . 2010-07-27 21:12 -------- d-----w- c:\users\Kamil\AppData\Roaming\Axgoid

2010-07-26 17:41 . 2010-07-26 17:41 -------- d-----w- C:\logs

2010-07-25 11:55 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-08-20 19:36 . 2010-02-26 18:11 34901 ----a-w- c:\programdata\nvModes.dat

2010-08-20 19:28 . 2010-03-06 01:39 -------- d-----w- c:\users\Kamil\AppData\Roaming\uTorrent

2010-08-20 17:17 . 2010-02-26 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird

2010-08-20 08:05 . 2006-12-05 05:22 661818 ----a-w- c:\windows\system32\perfh015.dat

2010-08-20 08:05 . 2006-12-05 05:22 126702 ----a-w- c:\windows\system32\perfc015.dat

2010-07-29 04:57 . 2010-02-26 16:54 59280 ----a-w- c:\users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT

2010-07-28 05:00 . 2010-03-06 14:59 -------- d-----w- c:\program files\Common Files\Symantec Shared

2010-07-28 04:33 . 2010-03-06 14:59 -------- d-----w- c:\program files\Symantec

2010-07-28 04:33 . 2010-03-06 14:59 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF

2010-07-28 04:33 . 2010-03-06 14:59 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT

2010-07-28 04:33 . 2010-03-06 14:59 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2010-07-28 04:32 . 2010-02-26 17:48 -------- d-----w- c:\programdata\Norton

2010-07-28 04:32 . 2010-02-26 17:47 -------- d-----w- c:\programdata\NortonInstaller

2010-07-09 17:32 . 2010-07-09 17:32 -------- d-----w- c:\users\Kamil\AppData\Roaming\ACD Systems

2010-07-09 17:31 . 2010-07-09 17:31 -------- d-----w- c:\programdata\ACD Systems

2010-07-09 16:57 . 2010-07-09 16:57 -------- d-----w- c:\users\Kamil\AppData\Roaming\Softplicity

2010-07-09 14:25 . 2010-07-09 14:25 -------- d-----w- c:\program files\Mystik Media

2010-07-09 14:16 . 2010-07-09 14:16 -------- d-----w- c:\program files\Soft Gold

2010-07-01 20:38 . 2010-02-27 00:01 -------- d-----w- c:\program files\Opera

2010-07-01 17:07 . 2010-07-01 16:59 -------- d-----w- c:\users\Kamil\AppData\Roaming\gtk-2.0

2010-07-01 14:42 . 2010-07-01 14:42 -------- d-----w- c:\program files\GIMP-2.0

2010-06-30 20:06 . 2010-06-30 20:06 -------- d-----w- c:\program files\Combined Community Codec Pack

2010-05-26 17:06 . 2010-06-19 21:33 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 14:47 . 2010-06-19 21:33 289792 ----a-w- c:\windows\system32\atmfd.dll

.

 

------- Sigcheck -------

 

Błąd usług kryptograficznych !!

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-03 25600]

"lxdwmon.exe"="c:\program files\Lexmark 7600 Series\lxdwmon.exe" [2008-09-10 676520]

"EzPrint"="c:\program files\Lexmark 7600 Series\ezprint.exe" [2008-09-10 131752]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

@="FSFilter Activity Monitor"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]

2007-03-20 13:36 36864 ----a-w- c:\windows\RaidTool\xInsIDE.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(b):9d,59,d7,c9,16,bb,ca,01

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2166942745-957436607-1848780418-1000]

"EnableNotificationsRef"=dword:00000001

 

R2 lxdw_device;lxdw_device;c:\windows\system32\lxdwcoms.exe [2008-05-17 594600]

R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2010-07-28 117640]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-02-26 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-26 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-06-04 171032]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-01-20 14216]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-01-20 8456]

R3 WSDPrintDevice;Obsługa drukowania WSD za pośrednictwem bloku pamięci górnej;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 16896]

S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [2010-07-27 122104]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [2010-07-28 310320]

S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2010-07-28 259632]

S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2010-07-28 482432]

S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100818.002\IDSvix86.sys [2010-07-06 344112]

S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\atl01v32.sys [2007-03-15 48128]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-06-04 171032]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-07-27 102448]

S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS [2010-07-28 48688]

S3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [2008-12-25 433792]

 

.

.

------- Skan uzupełniający -------

.

uStart Page = about:blank

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Wyślij do interfejsu &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

.

- - - - USUNIĘTO PUSTE WPISY - - - -

 

HKCU-Run-Kdododipoki - c:\users\Kamil\AppData\Local\omlsvet.dll

MSConfigStartUp-{CE701BBE-CCDF-7A2C-7B9D-058FE208426D} - c:\users\Kamil\AppData\Roaming\Ilpu\qufa.exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-20 21:39

Windows 6.0.6002 Service Pack 2 NTFS

 

skanowanie ukrytych procesów ...

 

skanowanie ukrytych wpisów autostartu ...

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CTxfiHlp = CTXFIHLP.EXE?

 

skanowanie ukrytych plików ...

 

skanowanie pomyślnie ukończone

ukryte pliki: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"

.

--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------

 

- - - - - - - > 'Explorer.exe'(1624)

c:\windows\System32\netshell.dll

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\Creative\Shared Files\CTAudSvc.exe

c:\windows\system32\nvvsvc.exe

c:\windows\System32\Ctxfihlp.exe

c:\windows\system32\taskmgr.exe

.

**************************************************************************

.

Czas ukończenia: 2010-08-20 21:40:12 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2010-08-20 19:40

 

Przed: 30 449 078 272 bajtów wolnych

Po: 30 180 134 912 bajtów wolnych

 

- - End Of File - - FDB43619E1178114A7EAB429AD921D76

 

 

 

 

EDIT.

po restarcie nic sie nie zmienilo :/

 

EDIT2.

w trybie awaryjnym jest prawie ok. dalej nie moge uruchomic WU, ale udalo sie nortona odinstalowac.

 

gmer

 

 

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover

Rootkit scan 2010-08-21 00:07:22

Windows 6.0.6002 Service Pack 2

Running: gmer.exe; Driver: C:\Users\Kamil\AppData\Local\Temp\kwlcqpod.sys

 

 

---- Devices - GMER 1.0.15 ----

 

AttachedDevice \FileSystem\Ntfs \Ntfs dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.)

 

---- Registry - GMER 1.0.15 ----

 

Reg HKLM\SYSTEM\ControlSet001\Control\Session Manager@PendingFileRenameOperations ???R????????????????????%SystemRoot%\system32\cmd.exe???????%s???????R???????????????+??????????????Windows_NT???????????S????????????l??R???????T???????+???????????????????????,?????????????M???P???P???R???R????????????? ???????R???????????M??????????(????????????????r??HTTP Print Services?????inetpp.dll??????? ???????R?????R?????N??????????2???????????????s????????R???i??2s??win32spl.dll?+????2??R???s?????e????Us?ugi drukowania LanMan????? ???????R???????????????????????????????????(??? ???????R???????????R????????"??????????s????????????????????s?????? ???????????????????R????????.???.??????????l???????????????????????n??? ???????????????????N????????????/???????????????4??R??????????????Terminal Server?Personal?????????N?????????e????? ???????????????????????R???R???????S??? ???????????????????R?R?R?R?R???R????????????????????BSTOR#Disk&Ven_&Prod_Flash_Disk&Rev_5.00#0514460005DCAB06&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}0c91efb8b}fb8b}??\??? ???????????????????R????????4???0???????????e??????????????R?

 

---- EOF - GMER 1.0.15 ----

 

 

 

otl

 

 

OTL logfile created on: 2010-08-21 00:08:58 - Run 1

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kamil\Desktop\vir

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 91,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,86 Gb Total Space | 28,34 Gb Free Space | 58,01% Space Free | Partition Type: NTFS

Drive D: | 92,01 Gb Total Space | 80,93 Gb Free Space | 87,96% Space Free | Partition Type: NTFS

Drive E: | 92,02 Gb Total Space | 39,11 Gb Free Space | 42,51% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KAMIL-PC

Current User Name: Kamil

Logged in as Administrator.

 

Current Boot Mode: SafeMode with Networking

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010-08-21 00:07:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010-08-21 00:07:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010-02-26 20:23:23 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010-02-26 19:24:59 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2009-02-23 12:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxdwcoms.exe -- (lxdw_device)

SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100304.005\NAVEX15.SYS -- (NAVEX15)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btwusb.sys -- (BTWUSB)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010-07-28 00:12:22 | 000,122,104 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\dwprot.sys -- (DwProt)

DRV - [2010-04-03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010-01-20 17:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)

DRV - [2010-01-20 17:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2009-06-04 03:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)

DRV - [2009-06-04 03:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)

DRV - [2009-06-04 03:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2009-06-04 03:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV - [2009-06-04 03:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2009-06-04 03:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)

DRV - [2009-06-04 03:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2009-06-04 03:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)

DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-01-19 08:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007-03-24 12:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)

DRV - [2007-03-15 16:41:14 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)

DRV - [2006-11-02 14:00:28 | 000,017,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88tune_IBV32.sys -- (CXTUNE)

DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2006-10-18 23:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2006-02-07 20:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)

DRV - [2005-08-11 08:13:00 | 000,163,584 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88vid.sys -- (CX23880)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-08-17 15:59:05 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2010-08-20 21:36:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)

O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.63.9 82.139.8.7

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Kamil\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-08-20 22:54:50 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Tific

[2010-08-20 21:40:14 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2010-08-20 21:40:14 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\temp

[2010-08-20 21:36:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN

[2010-08-20 21:29:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010-08-20 21:29:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010-08-20 21:29:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010-08-20 21:29:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010-08-20 21:29:28 | 000,000,000 | ---D | C] -- C:\ComboFix

[2010-08-20 21:28:48 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010-08-20 21:28:32 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010-08-01 12:36:08 | 000,000,000 | ---D | C] -- C:\Dwa ogrody

[2010-07-28 22:13:08 | 000,000,000 | ---D | C] -- C:\Users\Kamil\DoctorWeb

[2010-07-28 21:29:03 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Malwarebytes

[2010-07-28 21:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-07-28 21:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010-07-28 06:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline

[2010-07-27 23:57:27 | 000,122,104 | ---- | C] (Doctor Web, Ltd.) -- C:\Windows\System32\drivers\dwprot.sys

[2010-07-27 23:49:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010-07-27 23:27:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\vir

[2010-07-27 23:24:24 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\nis

[2010-07-27 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Symantec

[2010-07-27 22:14:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Need for Speed World

[2010-07-27 22:04:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Electronic_Arts_Inc

[2010-07-26 20:19:58 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Axgoid

[2010-07-26 19:41:05 | 000,000,000 | ---D | C] -- C:\logs

[2010-07-23 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\CoreTemp32

[2010-03-20 17:20:25 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDWhcp.dll

[2010-03-20 17:20:25 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdwinpa.dll

[2010-03-20 17:20:24 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxdwserv.dll

[2010-03-20 17:20:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwusb1.dll

[2010-03-20 17:20:24 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwiesc.dll

[2010-03-20 17:20:23 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdwpmui.dll

[2010-03-20 17:20:23 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdwlmpm.dll

[2010-03-20 17:20:22 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxdwhbn3.dll

[2010-03-20 17:20:17 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomc.dll

[2010-03-20 17:20:17 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomm.dll

[2009-06-04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll

 

========== Files - Modified Within 30 Days ==========

 

[2010-08-21 00:09:03 | 001,835,008 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT

[2010-08-20 23:26:26 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-08-20 23:26:26 | 000,661,070 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-08-20 23:26:26 | 000,586,568 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-08-20 23:26:26 | 000,126,324 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-08-20 23:26:26 | 000,100,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-08-20 23:22:40 | 000,001,356 | ---- | M] () -- C:\Users\Kamil\AppData\Local\d3d9caps.dat

[2010-08-20 23:21:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-08-20 23:18:20 | 001,369,883 | -H-- | M] () -- C:\Users\Kamil\AppData\Local\IconCache.db

[2010-08-20 22:57:28 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010-08-20 22:57:28 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010-08-20 22:57:25 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010-08-20 22:57:25 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010-08-20 22:57:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-08-20 22:56:13 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-08-20 22:56:13 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-08-20 22:56:13 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-08-20 22:56:12 | 000,524,288 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms

[2010-08-20 22:56:12 | 000,065,536 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

[2010-08-20 21:51:18 | 000,000,000 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini

[2010-08-20 21:36:09 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini

[2010-08-20 21:36:04 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010-08-19 17:24:49 | 000,030,208 | ---- | M] () -- C:\Users\Kamil\Desktop\ksiegowe.xls

[2010-08-16 18:48:47 | 000,120,980 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_3250.JPG

[2010-08-16 18:44:01 | 000,002,073 | ---- | M] () -- C:\Users\Kamil\.recently-used.xbel

[2010-08-16 17:20:09 | 000,035,840 | ---- | M] () -- C:\Users\Kamil\Desktop\tytuly.doc

[2010-08-16 17:19:27 | 000,035,328 | ---- | M] () -- C:\Users\Kamil\Desktop\mandaty.doc

[2010-08-15 21:34:14 | 003,488,912 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_3252.JPG

[2010-08-15 21:34:04 | 003,590,695 | ---- | M] () -- C:\Users\Kamil\Desktop\DSC_3251.JPG

[2010-08-04 17:23:43 | 000,096,689 | ---- | M] () -- C:\Users\Kamil\Desktop\96a35ec98c.jpeg

[2010-07-29 06:57:35 | 000,059,280 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT

[2010-07-29 06:57:11 | 000,269,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-07-28 00:12:22 | 000,122,104 | ---- | M] (Doctor Web, Ltd.) -- C:\Windows\System32\drivers\dwprot.sys

[2010-07-27 23:52:46 | 214,118,360 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2010-07-24 20:33:10 | 000,028,160 | ---- | M] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-23 23:37:36 | 000,019,456 | ---- | M] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 

========== Files Created - No Company Name ==========

 

[2010-08-20 21:51:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini

[2010-08-20 21:29:33 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010-08-20 21:29:33 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010-08-20 21:29:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010-08-20 21:29:33 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010-08-20 21:29:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010-08-16 18:44:01 | 000,002,073 | ---- | C] () -- C:\Users\Kamil\.recently-used.xbel

[2010-08-16 17:20:09 | 000,035,840 | ---- | C] () -- C:\Users\Kamil\Desktop\tytuly.doc

[2010-08-16 17:19:26 | 000,035,328 | ---- | C] () -- C:\Users\Kamil\Desktop\mandaty.doc

[2010-08-15 21:36:33 | 003,590,695 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_3251.JPG

[2010-08-15 21:36:33 | 003,488,912 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_3252.JPG

[2010-08-15 21:36:33 | 000,120,980 | ---- | C] () -- C:\Users\Kamil\Desktop\DSC_3250.JPG

[2010-08-04 17:23:43 | 000,096,689 | ---- | C] () -- C:\Users\Kamil\Desktop\96a35ec98c.jpeg

[2010-07-27 23:49:43 | 214,118,360 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2010-07-24 19:31:54 | 000,028,160 | ---- | C] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-04-25 02:49:15 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Dvbpws.dll

[2010-03-20 17:35:26 | 000,011,904 | ---- | C] () -- C:\ProgramData\lxdw.log

[2010-03-20 17:33:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdwvs.dll

[2010-03-20 17:20:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDWinst.dll

[2010-03-20 17:20:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdwgrd.dll

[2010-03-20 17:17:33 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdwcoin.dll

[2010-03-20 17:05:53 | 000,000,187 | ---- | C] () -- C:\ProgramData\lxdwDiagnostics.log

[2010-03-20 17:01:33 | 000,000,252 | ---- | C] () -- C:\ProgramData\FastPics.log

[2010-03-20 16:59:31 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt

[2010-03-06 14:21:47 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2010-03-06 14:21:46 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2010-03-06 14:21:46 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2010-03-06 02:53:54 | 000,000,303 | ---- | C] () -- C:\Windows\game.ini

[2010-03-03 21:46:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010-02-27 12:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-27 04:15:45 | 000,019,456 | ---- | C] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-02-27 03:53:52 | 000,000,509 | ---- | C] () -- C:\Windows\WINCMD.INI

[2010-02-26 20:42:17 | 000,034,901 | ---- | C] () -- C:\ProgramData\nvModes.001

[2010-02-26 20:11:49 | 000,034,901 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2010-02-26 19:24:18 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL

[2010-02-26 19:24:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL

[2010-02-26 19:01:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2010-02-26 19:01:26 | 000,012,358 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2010-02-26 19:01:20 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2010-02-26 18:54:28 | 000,001,356 | ---- | C] () -- C:\Users\Kamil\AppData\Local\d3d9caps.dat

[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009-06-04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini

[2009-06-04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL

[2009-05-27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini

[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll

[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

 

 

 

otl extras

 

 

OTL Extras logfile created on: 2010-08-21 00:08:58 - Run 1

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kamil\Desktop\vir

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18928)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 91,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,86 Gb Total Space | 28,34 Gb Free Space | 58,01% Space Free | Partition Type: NTFS

Drive D: | 92,01 Gb Total Space | 80,93 Gb Free Space | 87,96% Space Free | Partition Type: NTFS

Drive E: | 92,02 Gb Total Space | 39,11 Gb Free Space | 42,51% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KAMIL-PC

Current User Name: Kamil

Logged in as Administrator.

 

Current Boot Mode: SafeMode with Networking

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2166942745-957436607-1848780418-1000]

"EnableNotifications" = 0

"EnableNotificationsRef" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{28728DF9-F1AE-44B0-BDCE-812471C7DEA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{687AF004-CF5B-4CBD-9CCA-8D4915785177}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{6A585C65-2EC7-443F-AA60-92A29633711E}" = rport=138 | protocol=17 | dir=out | app=system |

"{7A477A84-AD80-4E7B-AD9C-9964B7B6E097}" = rport=139 | protocol=6 | dir=out | app=system |

"{7FB70B3A-16E7-439A-8F09-2C4D3A19C5CF}" = lport=445 | protocol=6 | dir=in | app=system |

"{814D3084-34FC-4F45-B44C-3F591E7EDC24}" = lport=137 | protocol=17 | dir=in | app=system |

"{B8F1D662-39D3-4989-A6BD-ACC7DCBEEA73}" = lport=138 | protocol=17 | dir=in | app=system |

"{CFC0AC83-4B2E-49FB-A1BA-10691629E29E}" = rport=445 | protocol=6 | dir=out | app=system |

"{DF95094E-5F26-48C0-91EC-05E2B3E0C3E3}" = rport=137 | protocol=17 | dir=out | app=system |

"{E1FD5DA9-56A8-4F07-A166-669120FBCE78}" = lport=139 | protocol=6 | dir=in | app=system |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{09299100-34FF-495A-B374-B98B61001025}" = protocol=6 | dir=in | app=c:\windows\system32\lxdwcoms.exe |

"{22D6C651-03B5-4D2B-A284-31529E42EA60}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{259E7368-64EC-420B-9BD3-C6AE073E0872}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{280DFA69-A598-49C1-8A11-DE00B83BBFD1}" = protocol=17 | dir=in | app=d:\gry\wings of prey demo\aces.exe |

"{580EBBF0-F928-4BAA-90EB-98817B4D8102}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{6AF61A57-9264-41AA-9421-D0E1185D3C6C}" = protocol=6 | dir=in | app=d:\gry\wings of prey demo\aces.exe |

"{6EEDCECD-DF72-48E6-841D-98BA03298BFE}" = protocol=6 | dir=in | app=d:\gry\wings of prey demo\launcher.exe |

"{7A745598-E4BC-4C4D-BD1D-C782398E4260}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{911F2315-AE6C-45E9-B800-B02B8C364805}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{9BDF56B5-D029-4554-96F6-D8F08A1AF562}" = protocol=17 | dir=in | app=d:\gry\wings of prey demo\launcher.exe |

"{A2467D30-87FE-424B-8452-5B74DAC0A138}" = protocol=17 | dir=in | app=c:\windows\system32\lxdwcoms.exe |

"{C11BEF7E-9259-4653-A6A0-DD34E8E74433}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |

"{D75D8E27-3B31-4603-8A4D-E1C4E22E9965}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{F9D92DFA-A08B-489D-9FF4-8501A9ABE762}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite

"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60

"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java 6 Update 19

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX

"{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty® 4 - Modern Warfare Demo

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6E19F210-3813-4002-B561-94D66AA182B6}" = Attansic L1 Gigabit Ethernet Driver

"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007

"{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007

"{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007

"{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007

"{90120000-001F-0415-0000-0000000FF1CE}_HOMESTUDENTR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007

"{90120000-006E-0415-0000-0000000FF1CE}_HOMESTUDENTR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007

"{90120000-00A1-0415-0000-0000000FF1CE}_HOMESTUDENTR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver

"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E5}" = Need for Speed™ SHIFT Demo

"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web

"{f045ec64-ed96-11de-bb6e-56f655d89593}}_is1" = "Wings of Prey Demo" (Unistall)

"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)

"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"ALchemy" = Creative ALchemy

"AQQ" = WapSter AQQ

"AudioCS" = Creative Audio Control Panel

"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09

"Console Launcher" = Creative Console Launcher

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"Creative Sound Blaster Properties" = Creative Sound Blaster Properties

"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 5.0.1 Home Edition

"ffdshow_is1" = ffdshow [rev 3291] [2010-02-26]

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}" = Call of Duty® 4 - Modern Warfare Demo

"IrfanView" = IrfanView (remove only)

"Lexmark 7600 Series" = Lexmark 7600 Series

"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)

"NapiProjekt_is1" = NapiProjekt 1.0.6.9

"Nokia PC Suite" = Nokia PC Suite

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"OpenAL" = OpenAL

"Picasa 3" = Picasa 3

"RealAlt_is1" = Real Alternative 2.0.2

"SkanerOnline" = Skaner on-line mks_vir

"Totalcmd" = Total Commander (Remove or Repair)

"uTorrent" = µTorrent

"WinGimp-2.0_is1" = GIMP 2.6.9

"WinRAR archiver" = Archiwizator WinRAR

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2010-08-16 15:50:17 | Computer Name = Kamil-PC | Source = Application Error | ID = 1000

Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, sygnatura

czasowa 0x4b780a3b, moduł powodujący błąd libmplayer.dll, wersja 0.0.0.0, sygnatura

czasowa 0x4b883c1c, kod wyjątku 0xc0000005, przesunięcie błędu 0x0002ba6d, identyfikator

procesu 0x11f0, godzina rozpoczęcia aplikacji 0x01cb3d7c2a7e5ad0.

 

Error - 2010-08-16 15:50:20 | Computer Name = Kamil-PC | Source = Application Error | ID = 1000

Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, sygnatura

czasowa 0x4b780a3b, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura

czasowa 0x49e03821, kod wyjątku 0xc0000005, przesunięcie błędu 0x00067409, identyfikator

procesu 0x11f0, godzina rozpoczęcia aplikacji 0x01cb3d7c2a7e5ad0.

 

Error - 2010-08-16 15:51:49 | Computer Name = Kamil-PC | Source = Application Error | ID = 1000

Description = Aplikacja powodująca błąd mplayerc.exe, wersja 6.4.9.1, sygnatura

czasowa 0x4b780a3b, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura

czasowa 0x49e03821, kod wyjątku 0xc0000005, przesunięcie błędu 0x000666ab, identyfikator

procesu 0x1650, godzina rozpoczęcia aplikacji 0x01cb3d7c7329b7c0.

 

Error - 2010-08-19 06:58:45 | Computer Name = Kamil-PC | Source = Application Hang | ID = 1002

Description = Program TOTALCMD.EXE w wersji 7.5.0.1 zatrzymał interakcję z systemem

Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji

dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami

i rozwiązaniami problemów. Identyfikator procesu: a80 Godzina rozpoczęcia: 01cb3f8c546b61f0

Godzina

zakończenia: 2237

 

Error - 2010-08-20 16:39:28 | Computer Name = Kamil-PC | Source = EventSystem | ID = 4609

Description =

 

Error - 2010-08-20 16:44:30 | Computer Name = Kamil-PC | Source = EventSystem | ID = 4609

Description =

 

Error - 2010-08-20 17:21:46 | Computer Name = Kamil-PC | Source = EventSystem | ID = 4609

Description =

 

Error - 2010-08-20 17:49:16 | Computer Name = Kamil-PC | Source = Perflib | ID = 1008

Description =

 

Error - 2010-08-20 17:49:16 | Computer Name = Kamil-PC | Source = Perflib | ID = 1010

Description =

 

Error - 2010-08-20 17:49:16 | Computer Name = Kamil-PC | Source = PerfNet | ID = 2004

Description =

 

[ System Events ]

Error - 2010-04-21 09:57:10 | Computer Name = Kamil-PC | Source = EventLog | ID = 6008

Description = Poprzednie zamknięcie systemu przy 12:43:28 na 2010-04-21 było nieoczekiwane.

 

Error - 2010-04-21 10:06:40 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 2010-04-21 10:07:10 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 2010-04-21 10:07:16 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7031

Description =

 

Error - 2010-04-24 20:37:58 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-04-24 20:37:58 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-04-24 20:46:42 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-04-24 20:46:42 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-04-25 07:23:04 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2010-04-25 07:23:04 | Computer Name = Kamil-PC | Source = Service Control Manager | ID = 7000

Description =

 

 

< End of report >

 

 

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

1. Wywal Nortona i wszelkie zamulacze systemu.

 

2. Przejedź MBAM + Spybot S&D.

 

3. Przejedź kompa przy pomocy Avira i/lub AVG.

 

4. Odpal program Autoruns (patrz: Google), zaznacz "Hide microsoft and Windows Entries" i pokaż listę. Podejrzane pliki bez podpisów możesz usunąć.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

 

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""

+ "CTxfiHlp" "CTXfiHlp MFC Application" "Creative Technology Ltd" "c:\windows\system32\ctxfihlp.exe"

+ "EzPrint" "Lexmark Fast Pics Application" "Lexmark International Inc." "c:\program files\lexmark 7600 series\ezprint.exe"

+ "lxdwmon.exe" "Printer Device Monitor" "" "c:\program files\lexmark 7600 series\lxdwmon.exe"

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""

+ "Sidebar" "Pasek boczny systemu Windows" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"

"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""

+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"

"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""

+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"

"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""

+ "Microsoft Windows Mail 7" "Poczta systemu Windows" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"

"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""

+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\bushell.dll"

+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\navshext.dll"

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""

+ "Nokia" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 7\phonebrowser.dll"

"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""

+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"

"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""

+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\bushell.dll"

+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\navshext.dll"

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""

+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""

+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\bushell.dll"

+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\bushell.dll"

+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\bushell.dll"

"HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" "" "" ""

+ ".contact shell extension handler" "Microsoft ® Contacts DLL" "Microsoft Corporation" "c:\program files\common files\system\wab32.dll"

+ ".group shell extension handler" "Microsoft ® Contacts DLL" "Microsoft Corporation" "c:\program files\common files\system\wab32.dll"

+ "contact_wab_auto_file" "Microsoft ® Contacts DLL" "Microsoft Corporation" "c:\program files\common files\system\wab32.dll"

+ "For &People..." "Find People" "Microsoft Corporation" "c:\program files\windows mail\wabfind.dll"

+ "group_wab_auto_file" "Microsoft ® Contacts DLL" "Microsoft Corporation" "c:\program files\common files\system\wab32.dll"

+ "Microsoft Data Link" "OLE DB Core Services" "Microsoft Corporation" "c:\program files\common files\system\ole db\oledb32.dll"

+ "Microsoft Office HTML Icon Handler" "2007 Microsoft Office component" "Microsoft Corporation" "c:\program files\microsoft office\office12\msohevi.dll"

+ "Microsoft Office Metadata Handler" "Microsoft Office Shell Extension Handlers" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoshext.dll"

+ "Microsoft Office Thumbnail Handler" "Microsoft Office Shell Extension Handlers" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoshext.dll"

+ "Microsoft.ScannersAndCameras" "Panel sterowania Urządzenia do obrazowania" "Microsoft Corporation" "c:\program files\windows photo gallery\imagingdevices.exe"

+ "Nokia Phone Browser" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 7\phonebrowser.dll"

+ "NvCpl DesktopContext Class" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"

+ "NVIDIA Play On My TV Context Menu Extension" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"

+ "PhotoAcqDropTarget" "Pozyskiwanie fotografii" "Microsoft Corporation" "c:\program files\windows photo gallery\photoacq.dll"

+ "Play on my TV helper" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"

+ "Tablet PC Input Panel" "Pasek wprowadzania Microsoft Tablet" "Microsoft Corporation" "c:\program files\common files\microsoft shared\ink\tipband.dll"

+ "Windows Contact Preview Handler" "Microsoft ® Contacts DLL" "Microsoft Corporation" "c:\program files\common files\system\wab32.dll"

+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"

+ "Windows Defender IOfficeAntiVirus implementation" "IOfficeAntiVirus Module" "Microsoft Corporation" "c:\program files\windows defender\mpoav.dll"

+ "Windows gadget DropTarget" "Element docelowy paska bocznego" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"

+ "Windows Media Player" "Pomocniczy pasek zadań programu Windows Media Player" "Microsoft Corporation" "c:\program files\windows media player\wmpband.dll"

+ "Windows Photo Gallery Viewer Image Verbs" "Galeria fotografii systemu Windows" "Microsoft Corporation" "c:\program files\windows photo gallery\photoviewer.dll"

+ "Windows Photo Gallery Viewer Video Verbs" "Galeria fotografii systemu Windows" "Microsoft Corporation" "c:\program files\windows photo gallery\photoviewer.dll"

+ "Windows Sidebar Properties" "Pasek boczny systemu Windows" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"

+ "WinRAR shell extension" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""

+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"

+ "Java Plug-In 2 SSV Helper" "Java Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"

+ "Lexmark Printable Web" "" "" "c:\program files\lexmark printable web\bho.dll"

+ "Symantec Intrusion Prevention" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\ipsbho.dll"

+ "Symantec NCO BHO" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\coieplg.dll"

"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""

+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\coieplg.dll"

"Task Scheduler" "" "" ""

+ "\Installation App Launcher" "" "" ""

+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"

+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"

+ "\Symantec\Symantec Error Analyzer 4.2.0.12" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\symerr.exe"

+ "\Symantec\Symantec Error Processor 4.2.0.12" "Symantec Error Reporting" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\symerr.exe"

"HKLM\System\CurrentControlSet\Services" "" "" ""

+ "Creative ALchemy AL6 Licensing Service" "Provides licensing services for Creative ALchemy." "Creative Labs" "c:\program files\common files\creative labs shared\service\al6licensing.exe"

+ "Creative Audio Engine Licensing Service" "Provides licensing services for Creative Audio Engine." "Creative Labs" "c:\program files\common files\creative labs shared\service\ctaelicensing.exe"

+ "CTAudSvcService" "Creative Audio Service" "Creative Technology Ltd" "c:\program files\creative\shared files\ctaudsvc.exe"

+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"

+ "lxdw_device" "Printer Communication System" " " "c:\windows\system32\lxdwcoms.exe"

+ "N360" "Norton 360" "Symantec Corporation" "c:\program files\norton 360\engine\4.2.0.12\ccsvchst.exe"

+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"

+ "odserv" "Uruchom części Diagnostyki pakietu Microsoft Office." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"

+ "ose" "Zapisuje pliki instalacyjne używane przy aktualizacjach i naprawach. Jest niezbędny do pobierania aktualizacji Instalatora i zgłaszania raportów programu Watson o błędach." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"

+ "ServiceLayer" "ServiceLayer Module" "Nokia" "c:\program files\pc connectivity solution\servicelayer.exe"

+ "UleadBurningHelper" "ULCDRSvr" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe"

+ "WinDefend" "Skanuj komputer w poszukiwaniu niechcianego oprogramowania, zaplanuj skanowania i pobieraj najnowsze definicje niechcianego oprogramowania." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"

+ "WMPNetworkSvc" "Udostępnia biblioteki programu Windows Media Player innym odtwarzaczom i urządzeniom multimedialnym w sieci przy użyciu technologii Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"

"HKLM\System\CurrentControlSet\Services" "" "" ""

+ "AtcL001" "Attansic L1 Gigabit Ethernet 10/100/1000Base-T Adapter" "Attansic Technology corporation." "c:\windows\system32\drivers\atl01v32.sys"

+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\bashdefs\20100901.003\bhdrvx86.sys"

+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"

+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"

+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"

+ "BTWUSB" "" "" "File not found: System32\Drivers\btwusb.sys"

+ "catchme" "" "" "File not found: C:\Users\Kamil\AppData\Local\Temp\catchme.sys"

+ "ccHP" "Common Client Hash Provider Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\cchpx86.sys"

+ "CT20XUT" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ct20xut.sys"

+ "CT20XUT.SYS" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ct20xut.sys"

+ "ctac32k" "Creative AC3 SW Decoder Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctac32k.sys"

+ "ctaud2k" "Creative WDM Audio Device Driver" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaud2k.sys"

+ "ctdvda2k" "Creative DVD-Audio Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctdvda2k.sys"

+ "CTEXFIFX" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ctexfifx.sys"

+ "CTEXFIFX.SYS" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ctexfifx.sys"

+ "CTHWIUT" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\cthwiut.sys"

+ "CTHWIUT.SYS" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\cthwiut.sys"

+ "ctprxy2k" "Creative Proxy Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctprxy2k.sys"

+ "ctsfm2k" "SoundFont® Manager (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsfm2k.sys"

+ "CX23880" "CX2388x Video Capture Driver" "Leadtek Research Inc." "c:\windows\system32\drivers\cx88vid.sys"

+ "CXTUNE" "CxTuner, Tuner Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cx88tune_ibv32.sys"

+ "DwProt" "Dr.Web Protection for Windows" "Doctor Web, Ltd." "c:\windows\system32\drivers\dwprot.sys"

+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"

+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"

+ "emupia" "E-mu Plug-in Architecture Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\emupia2k.sys"

+ "epmntdrv" "" "" "c:\windows\system32\epmntdrv.sys"

+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"

+ "EuGdiDrv" "" "" "c:\windows\system32\eugdidrv.sys"

+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"

+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"

+ "ha20x2k" "Creative 20X HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ha20x2k.sys"

+ "IDSVix86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\ipsdefs\20100917.001\idsvix86.sys"

+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"

+ "JGOGO" "SCSI Port upper filter driver" "JMicron " "c:\windows\system32\drivers\jgogo.sys"

+ "JRAID" "JMicron JMB36X RAID Driver" "JMicron Technology Corp." "c:\windows\system32\drivers\jraid.sys"

+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"

+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\virusdefs\20100919.003\naveng.sys"

+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\definitions\virusdefs\20100919.003\navex15.sys"

+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys"

+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys"

+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 197.45 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"

+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"

+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"

+ "ossrv" "Creative OS Services Driver (WDM)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctoss2k.sys"

+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfd.sys"

+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"

+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\srtsp.sys"

+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\srtspx.sys"

+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\symds.sys"

+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\symefa.sys"

+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"

+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\ironx86.sys"

+ "SYMTDIv" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360\0402000.00c\symtdiv.sys"

+ "upperdev" "Filter Driver for Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\usbser_lowerflt.sys"

+ "WFLR6654" "WinFast EagleXT Driver" "Leadtek Research Inc." "c:\windows\system32\drivers\wfeaglxt.sys"

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""

+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"

+ "msacm.vorbis" "" "" "File not found: vorbis.acm"

+ "vidc.cvid" "Koder-dekoder Cinepak®" "Radius Inc." "c:\windows\system32\iccvid.dll"

+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"

"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""

+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "ArcSoft AAC Decoder" "ArcSoft AAC Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\aacdecode.ax"

+ "ArcSoft AAC Encoder" "AACEncoder" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\aacencoder.ax"

+ "ArcSoft AC3 Encoder" "Mpeg2AudioEncoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\ac3encoderfilter.ax"

+ "ArcSoft Audio Decoder" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\asaudio.ax"

+ "ArcSoft Deinterlace" "" "" "File not found: C:\PROGRA~1\COMMON~1\ArcSoft\MPEGEN~1\deinterlace.ax"

+ "Arcsoft LPCM Decoder" "LPCM Decoder" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\lpcmdec.ax"

+ "ArcSoft MP4 Splitter" "ArcSoft MP4 Splitter Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mp4splitter.ax"

+ "ArcSoft MP4Muxer" "ArcSoft MP4 Muxer Filter " "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mp4muxer.ax"

+ "ArcSoft Mpeg-1 Encoder Filter" "" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\asmpeg1encoder.ax"

+ "ArcSoft Mpeg-2 Encoder Filter" "" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\asmpeg2encoder.ax"

+ "Arcsoft Mpeg2Audio Encoder" "Mpeg2AudioEncoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mpeg2audioencoder.ax"

+ "ArcSoft MPEG4 Encoder" "ArcSoft MPEG-4 Encoder Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\ump4encoder.ax"

+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files\common files\arcsoft\mpeg engine\asrealtimempeg1encoder.ax"

+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files\common files\arcsoft\mpeg engine\asrealtimempeg2encoder.ax"

+ "ArcSoft TS Stream" "MPGDemux Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\arcdemux.ax"

+ "ArcSoft Video Decoder" "ArcSoft Video Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\asvid.ax"

+ "ArcSoft Video Encoder" "ArcSoft Encoder Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\arcvencoder.ax"

+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "BPM Metadata" "Creative BPM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metabpmu.ax"

+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Creative AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\ac3srcu.ax"

+ "Creative Audio Gain Filter" "Audio Gain Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\audgain.ax"

+ "Creative CDDA Source Filter" "CDDA Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\cdda.ax"

+ "Creative File Reader Filter" "Creative File Reader Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\filreadu.ax"

+ "Creative Flac Source Filter" "Creative FLAC Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\flacsrcu.ax"

+ "Creative Internet Source Filter" "Creative Internet Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\inetsrcu.ax"

+ "Creative LiveRecording Filter_SxS" "Live Recording Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\liverecu.ax"

+ "Creative MLP Source Filter" "Creative MLP Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\mlpsrcu.ax"

+ "Creative NVF Filter" "Creative Nomad Voice File Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\nvfsrcu.ax"

+ "Creative Ogg Source Filter" "Creative Ogg Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\oggsrcu.ax"

+ "Creative PCM Raw Writer" "Creative Raw Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\rawwritu.ax"

+ "Creative Recording Wav_Asio Filter" "Audio Recording Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\audiorec.ax"

+ "Creative Wave Writer" "Wave Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wavwrite.ax"

+ "Creative WMA Source Filter" "Creative WMA Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\wmasrc.ax"

+ "Creative WMA Writer" "WMA Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wmawrite.ax"

+ "CT CMSS3 filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\cmss3.ax"

+ "CT HPVirtualizer filter" "Creative Headphone Virtualizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\virtual.ax"

+ "CT Karaoke filter" "Creative Karaoke Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\karaoke.ax"

+ "CT PDP filter" "Creative Crystalizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\pdp.ax"

+ "CT SmartVolumeManagement filter" "Creative Compressor Plugin" "Creative Technology Ltd." "c:\program files\creative\shared files\dscompr.ax"

+ "CT Time-Scaling filter" "Sample" "Creative Technology Ltd." "c:\program files\creative\shared files\timescal.ax"

+ "CT Upsampler filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\upsample.ax"

+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"

+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"

+ "Emuzed AAC/AAC+ Decoder TFilter" "Emuzed AAC/AAC+ Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzaacdecfilter.dll"

+ "Emuzed AMR/3GPP/MP4/MP3 Multiplexer-Filter" "Emuzed MP4/3GP2/AMR/QCP Multiplexer/Sink Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdmp4muxfilter.dll"

+ "Emuzed AMR/QCP/3GPP/MP4/3G2 Source Filter" "Emuzed MP4/3GP2/AMR/QCP Source Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp4source.dll"

+ "Emuzed H264 Video Decoder-Filter" "Emuzed H.264 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdh264dectfilter.dll"

+ "Emuzed MP3 Source/Decoder Filter" "Emuzed MP3 Source/Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp3sourcefilter.dll"

+ "Emuzed MP4SP/H263 Video Decoder-Filter" "Emuzed MP4SP/H.263 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzdecmp4_h263.dll"

+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Video Renderer" "" "" "c:\program files\combined community codec pack\filters\haali\dxr.dll"

+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"

+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"

+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "Gabest" "c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"

+ "MPC - RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "MPC - RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "MPC - RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "MPC - RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Noise Reduction" "Creative Noise Reduction Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\noisredu.ax"

+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "SVM Metadata" "Creative SVM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metasvmu.ax"

+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\combined community codec pack\filters\wavpackdsdecoder.ax"

+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\combined community codec pack\filters\wavpackdssplitter.ax"

+ "WinFast Subtitle Decoder" "" "" "File not found: C:\Program Files\WinFast\WFDTV\DVBSbtle.ax"

+ "WinFast TeleText Decoder" "" "" "File not found: C:\Program Files\WinFast\WFDTV\TTXDecoder.dll"

+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"

"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""

+ "7600 Series Port" "Printer Communication System" " " "c:\windows\system32\lxdwlmpm.dll"

+ "SUGS2 Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\sugs2l3.dll"

"C:\Users\Kamil\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""

+ "" "" "" "C:\Users\Kamil\AppData\Local\Temp\chameleon_netbars_int.gadget.~0000"

+ "Kalendarz" "PrzeglÄ…daj dni kalendarza." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\pl-PL\Gadget.xml"

+ "Miernik CPU" "Zobacz bieżące użycie procesora CPU i pamięci systemowej (RAM) komputera." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\pl-PL\Gadget.xml"

+ "Notatki" "Zapisuj pomysły, notatki i przypomnienia łatwo i szybko." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Notes.Gadget\pl-PL\Gadget.xml"

+ "Pogoda" "Obserwuj pogodę w różnych miejscach na świecie." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\pl-PL\Gadget.xml"

 

 

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

Nie wiem czemu, ale strasznie po oczach wali mi Norton - cały pakiet, który pakuje się gdzie tylko może.

Odinstaluj całość tego wynalazku, wyczyść kompa przy pomocy CCleaner i pokaż jeszcze raz loga.

Jak bym miał zgadywać, to backup shell jest winne.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

po wywaleniu nortona i restarcie sytuacja bez zmian

 

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""

+ "CTxfiHlp" "CTXfiHlp MFC Application" "Creative Technology Ltd" "c:\windows\system32\ctxfihlp.exe"

+ "EzPrint" "Lexmark Fast Pics Application" "Lexmark International Inc." "c:\program files\lexmark 7600 series\ezprint.exe"

+ "lxdwmon.exe" "Printer Device Monitor" "" "c:\program files\lexmark 7600 series\lxdwmon.exe"

"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""

+ "MBAMShlExt" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"

"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""

+ "Nokia" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 7\phonebrowser.dll"

"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""

+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"

"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""

+ "MBAMShlExt" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"

+ "WinRAR" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""

+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"

"HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" "" "" ""

+ "Nokia Phone Browser" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 7\phonebrowser.dll"

+ "NvCpl DesktopContext Class" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"

+ "NVIDIA Play On My TV Context Menu Extension" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"

+ "Play on my TV helper" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"

+ "WinRAR shell extension" "Rozszerzenie powłoki" "Alexander Roshal" "c:\program files\winrar\rarext.dll"

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""

+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"

+ "Java Plug-In 2 SSV Helper" "Java Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"

+ "Lexmark Printable Web" "" "" "c:\program files\lexmark printable web\bho.dll"

"Task Scheduler" "" "" ""

+ "\Installation App Launcher" "" "" ""

+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"

+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"

"HKLM\System\CurrentControlSet\Services" "" "" ""

+ "Creative ALchemy AL6 Licensing Service" "Provides licensing services for Creative ALchemy." "Creative Labs" "c:\program files\common files\creative labs shared\service\al6licensing.exe"

+ "Creative Audio Engine Licensing Service" "Provides licensing services for Creative Audio Engine." "Creative Labs" "c:\program files\common files\creative labs shared\service\ctaelicensing.exe"

+ "CTAudSvcService" "Creative Audio Service" "Creative Technology Ltd" "c:\program files\creative\shared files\ctaudsvc.exe"

+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"

+ "lxdw_device" "Printer Communication System" " " "c:\windows\system32\lxdwcoms.exe"

+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"

+ "ServiceLayer" "ServiceLayer Module" "Nokia" "c:\program files\pc connectivity solution\servicelayer.exe"

+ "UleadBurningHelper" "ULCDRSvr" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe"

"HKLM\System\CurrentControlSet\Services" "" "" ""

+ "AtcL001" "Attansic L1 Gigabit Ethernet 10/100/1000Base-T Adapter" "Attansic Technology corporation." "c:\windows\system32\drivers\atl01v32.sys"

+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"

+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"

+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"

+ "BTWUSB" "" "" "File not found: System32\Drivers\btwusb.sys"

+ "catchme" "" "" "File not found: C:\Users\Kamil\AppData\Local\Temp\catchme.sys"

+ "CT20XUT" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ct20xut.sys"

+ "CT20XUT.SYS" "Creative 20X Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ct20xut.sys"

+ "ctac32k" "Creative AC3 SW Decoder Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctac32k.sys"

+ "ctaud2k" "Creative WDM Audio Device Driver" "Creative Technology Ltd" "c:\windows\system32\drivers\ctaud2k.sys"

+ "ctdvda2k" "Creative DVD-Audio Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctdvda2k.sys"

+ "CTEXFIFX" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ctexfifx.sys"

+ "CTEXFIFX.SYS" "Creative XFi Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\ctexfifx.sys"

+ "CTHWIUT" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\cthwiut.sys"

+ "CTHWIUT.SYS" "Creative Utility Effects" "Creative Technology Ltd." "c:\windows\system32\drivers\cthwiut.sys"

+ "ctprxy2k" "Creative Proxy Device Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctprxy2k.sys"

+ "ctsfm2k" "SoundFont® Manager (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ctsfm2k.sys"

+ "CX23880" "CX2388x Video Capture Driver" "Leadtek Research Inc." "c:\windows\system32\drivers\cx88vid.sys"

+ "CXTUNE" "CxTuner, Tuner Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cx88tune_ibv32.sys"

+ "DwProt" "Dr.Web Protection for Windows" "Doctor Web, Ltd." "c:\windows\system32\drivers\dwprot.sys"

+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"

+ "emupia" "E-mu Plug-in Architecture Driver (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\emupia2k.sys"

+ "epmntdrv" "" "" "c:\windows\system32\epmntdrv.sys"

+ "EuGdiDrv" "" "" "c:\windows\system32\eugdidrv.sys"

+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"

+ "ha20x2k" "Creative 20X HAL (WDM)" "Creative Technology Ltd" "c:\windows\system32\drivers\ha20x2k.sys"

+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"

+ "JGOGO" "SCSI Port upper filter driver" "JMicron " "c:\windows\system32\drivers\jgogo.sys"

+ "JRAID" "JMicron JMB36X RAID Driver" "JMicron Technology Corp." "c:\windows\system32\drivers\jraid.sys"

+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"

+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys"

+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys"

+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 197.45 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"

+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"

+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"

+ "ossrv" "Creative OS Services Driver (WDM)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctoss2k.sys"

+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfd.sys"

+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"

+ "upperdev" "Filter Driver for Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\usbser_lowerflt.sys"

+ "WFLR6654" "WinFast EagleXT Driver" "Leadtek Research Inc." "c:\windows\system32\drivers\wfeaglxt.sys"

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""

+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"

+ "msacm.vorbis" "" "" "File not found: vorbis.acm"

+ "vidc.cvid" "Koder-dekoder Cinepak®" "Radius Inc." "c:\windows\system32\iccvid.dll"

+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"

"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""

+ "ArcSoft AAC Decoder" "ArcSoft AAC Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\aacdecode.ax"

+ "ArcSoft AAC Encoder" "AACEncoder" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\aacencoder.ax"

+ "ArcSoft AC3 Encoder" "Mpeg2AudioEncoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\ac3encoderfilter.ax"

+ "ArcSoft Audio Decoder" "ArcSoft Audio Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\asaudio.ax"

+ "Arcsoft LPCM Decoder" "LPCM Decoder" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\lpcmdec.ax"

+ "ArcSoft MP4 Splitter" "ArcSoft MP4 Splitter Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mp4splitter.ax"

+ "ArcSoft MP4Muxer" "ArcSoft MP4 Muxer Filter " "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mp4muxer.ax"

+ "ArcSoft Mpeg-1 Encoder Filter" "" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\asmpeg1encoder.ax"

+ "ArcSoft Mpeg-2 Encoder Filter" "" "ArcSoft" "c:\program files\common files\arcsoft\mpeg engine\asmpeg2encoder.ax"

+ "Arcsoft Mpeg2Audio Encoder" "Mpeg2AudioEncoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\mpeg2audioencoder.ax"

+ "ArcSoft MPEG4 Encoder" "ArcSoft MPEG-4 Encoder Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\ump4encoder.ax"

+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files\common files\arcsoft\mpeg engine\asrealtimempeg1encoder.ax"

+ "ArcSoft Realtime Capture Encoder Filter" "Arc Real time Capture Encoder Filter" "Arcsoft" "c:\program files\common files\arcsoft\mpeg engine\asrealtimempeg2encoder.ax"

+ "ArcSoft TS Stream" "MPGDemux Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\arcdemux.ax"

+ "ArcSoft Video Decoder" "ArcSoft Video Decoder" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\asvid.ax"

+ "ArcSoft Video Encoder" "ArcSoft Encoder Filter" "ArcSoft Inc." "c:\program files\common files\arcsoft\mpeg engine\arcvencoder.ax"

+ "BPM Metadata" "Creative BPM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metabpmu.ax"

+ "Creative AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\ac3srcu.ax"

+ "Creative Audio Gain Filter" "Audio Gain Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\audgain.ax"

+ "Creative CDDA Source Filter" "CDDA Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\cdda.ax"

+ "Creative File Reader Filter" "Creative File Reader Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\filreadu.ax"

+ "Creative Flac Source Filter" "Creative FLAC Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\flacsrcu.ax"

+ "Creative Internet Source Filter" "Creative Internet Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\inetsrcu.ax"

+ "Creative LiveRecording Filter_SxS" "Live Recording Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\liverecu.ax"

+ "Creative MLP Source Filter" "Creative MLP Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\mlpsrcu.ax"

+ "Creative NVF Filter" "Creative Nomad Voice File Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\nvfsrcu.ax"

+ "Creative Ogg Source Filter" "Creative Ogg Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\oggsrcu.ax"

+ "Creative PCM Raw Writer" "Creative Raw Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\rawwritu.ax"

+ "Creative Recording Wav_Asio Filter" "Audio Recording Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\audiorec.ax"

+ "Creative Wave Writer" "Wave Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wavwrite.ax"

+ "Creative WMA Source Filter" "Creative WMA Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\wmasrc.ax"

+ "Creative WMA Writer" "WMA Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wmawrite.ax"

+ "CT CMSS3 filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\cmss3.ax"

+ "CT HPVirtualizer filter" "Creative Headphone Virtualizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\virtual.ax"

+ "CT Karaoke filter" "Creative Karaoke Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\karaoke.ax"

+ "CT PDP filter" "Creative Crystalizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\pdp.ax"

+ "CT SmartVolumeManagement filter" "Creative Compressor Plugin" "Creative Technology Ltd." "c:\program files\creative\shared files\dscompr.ax"

+ "CT Time-Scaling filter" "Sample" "Creative Technology Ltd." "c:\program files\creative\shared files\timescal.ax"

+ "CT Upsampler filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\upsample.ax"

+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"

+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\combined community codec pack\filters\vsfilter.dll"

+ "Emuzed AAC/AAC+ Decoder TFilter" "Emuzed AAC/AAC+ Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzaacdecfilter.dll"

+ "Emuzed AMR/3GPP/MP4/MP3 Multiplexer-Filter" "Emuzed MP4/3GP2/AMR/QCP Multiplexer/Sink Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdmp4muxfilter.dll"

+ "Emuzed AMR/QCP/3GPP/MP4/3G2 Source Filter" "Emuzed MP4/3GP2/AMR/QCP Source Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp4source.dll"

+ "Emuzed H264 Video Decoder-Filter" "Emuzed H.264 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdh264dectfilter.dll"

+ "Emuzed MP3 Source/Decoder Filter" "Emuzed MP3 Source/Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp3sourcefilter.dll"

+ "Emuzed MP4SP/H263 Video Decoder-Filter" "Emuzed MP4SP/H.263 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzdecmp4_h263.dll"

+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\ffdshow\ffdshow.ax"

+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "Haali Video Renderer" "" "" "c:\program files\combined community codec pack\filters\haali\dxr.dll"

+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\combined community codec pack\filters\haali\splitter.ax"

+ "MPC - FLV Source (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"

+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "Gabest" "c:\program files\combined community codec pack\filters\flvsplitter.ax"

+ "MPC - MPEG-2 Video Decoder (Gabest)" "MPEG-2 Decoder Filter for DirectShow" "Gabest" "c:\program files\combined community codec pack\filters\mpeg2decfilter.ax"

+ "MPC - RealAudio Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "MPC - RealMedia Source" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "MPC - RealMedia Splitter" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "MPC - RealVideo Decoder" "RealMedia Splitter" "MPC-HC Team" "c:\program files\real alternative\realmediasplitter.ax"

+ "Noise Reduction" "Creative Noise Reduction Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\noisredu.ax"

+ "SVM Metadata" "Creative SVM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metasvmu.ax"

+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\combined community codec pack\filters\wavpackdsdecoder.ax"

+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\combined community codec pack\filters\wavpackdssplitter.ax"

"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""

+ "7600 Series Port" "Printer Communication System" " " "c:\windows\system32\lxdwlmpm.dll"

+ "SUGS2 Langmon" "Language Monitor for Status Monitor" "" "c:\windows\system32\sugs2l3.dll"

"C:\Users\Kamil\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""

+ "" "" "" "C:\Users\Kamil\AppData\Local\Temp\chameleon_netbars_int.gadget.~0000"

 

 

 

Edytowane przez Niemiec

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

O! Nie wiem, jak mi to umknęło za pierwszym razem...

 

+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"

+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"

 

+ "DwProt" "Dr.Web Protection for Windows" "Doctor Web, Ltd." "c:\windows\system32\drivers\dwprot.sys"

I jeszcze "sugs2l3.dll" jest podejrzane.

 

Użyłeś Avira i AVG? Usunęły coś? Tego poniżej nie powinno już być. Jak jest, to usuń ręcznie:

 

[2010-08-20 21:29:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010-08-20 21:29:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010-08-20 21:29:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010-08-20 21:28:32 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010-07-27 23:57:27 | 000,122,104 | ---- | C] (Doctor Web, Ltd.) -- C:\Windows\System32\drivers\dwprot.sys

[2010-08-20 21:29:33 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010-08-20 21:29:33 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010-08-20 21:29:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010-08-20 21:29:33 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010-08-20 21:29:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

Potem przejedź CCleaner i daj nowy log z OTL.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

chcialem usunac i nie moglem nawet w safe mode i poszukalem dla czego.

gatherWirelessInfo.vbs - Security Warning Vulnerable vbs file!

gatherWiredInfo.vbs - Security Warning Vulnerable vbs file!

 

ten sugs2l3.dll wyglada, ze ma cos wspolnego z kombajnem lexmarka.

 

pliki z dolnego cytatu wywalilem, zaraz dam loga z otl a avire lub avg puszcze na noc.

 

otl

 

 

OTL logfile created on: 2010-09-20 23:56:39 - Run 2

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kamil\Desktop\vir

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18943)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 91,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,86 Gb Total Space | 28,18 Gb Free Space | 57,67% Space Free | Partition Type: NTFS

Drive D: | 92,01 Gb Total Space | 82,92 Gb Free Space | 90,12% Space Free | Partition Type: NTFS

Drive E: | 92,02 Gb Total Space | 27,12 Gb Free Space | 29,47% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KAMIL

Current User Name: Kamil

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010-08-21 00:07:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

PRC - [2010-06-30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2009-09-24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE

PRC - [2009-06-04 01:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe

PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

PRC - [2008-09-10 23:15:26 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 7600 Series\ezprint.exe

PRC - [2008-09-10 23:15:24 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmon.exe

PRC - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdwcoms.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010-08-21 00:07:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010-02-26 20:23:23 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010-02-26 19:24:59 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxdwcoms.exe -- (lxdw_device)

SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stop_Pending] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [File_System | Boot | Stopped] -- C:\Windows\System32\drivers\dwprot.sys -- (DwProt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kamil\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btwusb.sys -- (BTWUSB)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010-04-03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010-01-20 17:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)

DRV - [2010-01-20 17:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2009-06-04 03:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)

DRV - [2009-06-04 03:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)

DRV - [2009-06-04 03:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2009-06-04 03:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV - [2009-06-04 03:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2009-06-04 03:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)

DRV - [2009-06-04 03:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2009-06-04 03:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)

DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-01-19 08:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007-03-24 12:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)

DRV - [2007-03-15 16:41:14 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)

DRV - [2006-11-02 14:00:28 | 000,017,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88tune_IBV32.sys -- (CXTUNE)

DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2006-10-18 23:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2006-02-07 20:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)

DRV - [2005-08-11 08:13:00 | 000,163,584 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88vid.sys -- (CX23880)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-09-09 20:57:52 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2010-08-20 21:36:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)

O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.63.9 82.139.8.7

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Kamil\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp

O24 - Desktop BackupWallPaper: C:\Users\Kamil\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-09-20 19:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010-09-20 19:16:48 | 003,427,248 | ---- | C] (Piriform Ltd) -- C:\Users\Kamil\Desktop\ccsetup235.exe

[2010-09-20 19:09:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010-09-20 19:09:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010-09-20 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\Autoruns

[2010-09-12 22:14:15 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\CrashDumps

[2010-09-12 20:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\MaxPunkte 5

[2010-09-12 16:53:23 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\NVIDIA Corporation

[2010-09-09 18:45:40 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\EurekaLog

[2010-08-28 00:19:21 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe

[2010-08-28 00:19:21 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll

[2010-08-28 00:19:21 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll

[2010-08-28 00:16:12 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll

[2010-08-28 00:16:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010-08-28 00:15:56 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010-08-28 00:15:56 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010-08-28 00:15:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010-08-28 00:15:56 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010-08-28 00:15:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010-08-28 00:15:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010-08-28 00:15:56 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010-08-28 00:15:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010-08-28 00:15:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010-08-28 00:15:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010-08-28 00:15:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010-08-28 00:15:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010-08-28 00:15:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010-08-28 00:15:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010-08-28 00:15:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010-08-28 00:15:42 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2010-08-28 00:15:41 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2010-08-28 00:15:37 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010-08-28 00:15:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll

[2010-08-27 10:12:17 | 000,000,000 | ---D | C] -- C:\logs

[2010-08-22 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2010-03-20 17:20:25 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDWhcp.dll

[2010-03-20 17:20:25 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdwinpa.dll

[2010-03-20 17:20:24 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxdwserv.dll

[2010-03-20 17:20:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwusb1.dll

[2010-03-20 17:20:24 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwiesc.dll

[2010-03-20 17:20:23 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdwpmui.dll

[2010-03-20 17:20:23 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdwlmpm.dll

[2010-03-20 17:20:22 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxdwhbn3.dll

[2010-03-20 17:20:17 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomc.dll

[2010-03-20 17:20:17 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomm.dll

[2009-06-04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll

 

========== Files - Modified Within 30 Days ==========

 

[2010-09-20 23:52:04 | 000,079,437 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010-09-20 23:52:04 | 000,079,437 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010-09-20 23:51:54 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010-09-20 23:51:54 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010-09-20 23:51:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-09-20 23:51:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-09-20 23:51:06 | 002,621,440 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT

[2010-09-20 23:51:05 | 000,524,288 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms

[2010-09-20 23:51:05 | 000,065,536 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

[2010-09-20 23:45:26 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-09-20 23:45:26 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-09-20 23:45:26 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-09-20 19:16:49 | 003,427,248 | ---- | M] (Piriform Ltd) -- C:\Users\Kamil\Desktop\ccsetup235.exe

[2010-09-20 19:04:27 | 000,618,945 | ---- | M] () -- C:\Users\Kamil\Desktop\Autoruns.zip

[2010-09-19 23:28:32 | 000,031,232 | ---- | M] () -- C:\Users\Kamil\Desktop\ksiegowe.xls

[2010-09-18 12:34:02 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-09-18 12:34:02 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-09-18 12:34:02 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-09-18 12:34:02 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-09-18 12:34:02 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-09-15 16:54:25 | 000,126,117 | ---- | M] () -- C:\Users\Kamil\Desktop\PK_SC_pytania.pdf

[2010-09-11 20:07:33 | 000,018,944 | ---- | M] () -- C:\Users\Kamil\Desktop\komp.xls

[2010-09-09 22:24:02 | 002,552,459 | ---- | M] () -- C:\Users\Kamil\Desktop\poradnik-uzytkownika-bankowosci-internetowej-polbank24.pdf

[2010-09-07 00:07:31 | 000,269,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-08-27 22:49:34 | 000,102,797 | ---- | M] () -- C:\Users\Kamil\Desktop\IMG_0118e.JPG

[2010-08-27 22:46:53 | 000,001,123 | ---- | M] () -- C:\Users\Kamil\Desktop\AQQ odebrane.lnk

[2010-08-22 20:59:32 | 000,001,356 | ---- | M] () -- C:\Users\Kamil\AppData\Local\d3d9caps.dat

[2010-08-21 23:58:06 | 000,001,887 | ---- | M] () -- C:\Windows\diagwrn.xml

[2010-08-21 23:58:06 | 000,001,887 | ---- | M] () -- C:\Windows\diagerr.xml

 

========== Files Created - No Company Name ==========

 

[2010-09-20 19:04:13 | 000,618,945 | ---- | C] () -- C:\Users\Kamil\Desktop\Autoruns.zip

[2010-09-15 16:54:25 | 000,126,117 | ---- | C] () -- C:\Users\Kamil\Desktop\PK_SC_pytania.pdf

[2010-09-12 20:38:40 | 000,495,616 | ---- | C] () -- C:\Windows\System32\D3DX8ab.dll

[2010-09-11 19:26:07 | 000,018,944 | ---- | C] () -- C:\Users\Kamil\Desktop\komp.xls

[2010-09-09 22:23:54 | 002,552,459 | ---- | C] () -- C:\Users\Kamil\Desktop\poradnik-uzytkownika-bankowosci-internetowej-polbank24.pdf

[2010-08-27 22:52:37 | 000,102,797 | ---- | C] () -- C:\Users\Kamil\Desktop\IMG_0118e.JPG

[2010-08-27 22:46:53 | 000,001,123 | ---- | C] () -- C:\Users\Kamil\Desktop\AQQ odebrane.lnk

[2010-04-25 02:49:15 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Dvbpws.dll

[2010-03-20 17:35:26 | 000,013,020 | ---- | C] () -- C:\ProgramData\lxdw.log

[2010-03-20 17:33:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdwvs.dll

[2010-03-20 17:20:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDWinst.dll

[2010-03-20 17:20:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdwgrd.dll

[2010-03-20 17:17:33 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdwcoin.dll

[2010-03-20 17:05:53 | 000,000,187 | ---- | C] () -- C:\ProgramData\lxdwDiagnostics.log

[2010-03-20 17:01:33 | 000,000,252 | ---- | C] () -- C:\ProgramData\FastPics.log

[2010-03-20 16:59:31 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt

[2010-03-06 14:21:47 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2010-03-06 14:21:46 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2010-03-06 14:21:46 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2010-03-06 02:53:54 | 000,000,303 | ---- | C] () -- C:\Windows\game.ini

[2010-03-03 21:46:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010-02-27 12:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-27 04:15:45 | 000,019,456 | ---- | C] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-02-27 03:53:52 | 000,000,509 | ---- | C] () -- C:\Windows\WINCMD.INI

[2010-02-26 20:42:17 | 000,079,437 | ---- | C] () -- C:\ProgramData\nvModes.001

[2010-02-26 20:11:49 | 000,079,437 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2010-02-26 19:24:18 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL

[2010-02-26 19:24:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL

[2010-02-26 19:01:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2010-02-26 19:01:26 | 000,012,358 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2010-02-26 19:01:20 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2010-02-26 18:54:28 | 000,001,356 | ---- | C] () -- C:\Users\Kamil\AppData\Local\d3d9caps.dat

[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009-06-04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini

[2009-06-04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL

[2009-05-27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini

[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll

[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

 

 

 

Edytowane przez Niemiec

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

mbam

 

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Wersja bazy: 4657

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18943

 

2010-09-21 06:20:27

mbam-log-2010-09-21 (06-20-27).txt

 

Typ skanowania: Szybkie skanowanie

Przeskanowano obiektów: 133452

Upłynęło: 3 minut(y), 25 sekund(y)

 

Zainfekowanych procesów w pamięci: 0

Zainfekowanych modułów w pamięci: 0

Zainfekowanych kluczy rejestru: 0

Zainfekowanych wartości rejestru: 0

Zainfekowane informacje rejestru systemowego: 0

Zainfekowanych folderów: 0

Zainfekowanych plików: 1

 

Zainfekowanych procesów w pamięci:

(Nie znaleziono zagrożeń)

 

Zainfekowanych modułów w pamięci:

(Nie znaleziono zagrożeń)

 

Zainfekowanych kluczy rejestru:

(Nie znaleziono zagrożeń)

 

Zainfekowanych wartości rejestru:

(Nie znaleziono zagrożeń)

 

Zainfekowane informacje rejestru systemowego:

(Nie znaleziono zagrożeń)

 

Zainfekowanych folderów:

(Nie znaleziono zagrożeń)

 

Zainfekowanych plików:

C:\Windows\System32\D3DX8ab.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

 

 

 

restart po instalacji aviry i mozliwosc kozystania z OS po 20min czyli tak jak bylo do tej pory.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

A od czego się zaczęło i kiedy? Może po instalacji jakiegoś programu?

 

Z daty postów wnoszę, że 30 dni w OTL to może być mało. Ustaw na 60, albo nawet 90.

 

Ewentualnie wyłącz wszystkie programy z autostartu (razem z sidebarem) i włączaj po kolei.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

wg. aviry jest czysto.

nie pamietam od czego sie zaczelo.

 

otl 90dni

 

 

OTL logfile created on: 2010-09-21 16:33:08 - Run 3

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kamil\Desktop\vir

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18943)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,86 Gb Total Space | 27,97 Gb Free Space | 57,24% Space Free | Partition Type: NTFS

Drive D: | 92,01 Gb Total Space | 82,92 Gb Free Space | 90,12% Space Free | Partition Type: NTFS

Drive E: | 92,02 Gb Total Space | 27,12 Gb Free Space | 29,47% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: KAMIL

Current User Name: Kamil

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 90 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010-09-10 09:51:38 | 008,004,608 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe

PRC - [2010-08-21 00:07:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

PRC - [2010-06-30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2010-04-01 13:37:38 | 000,433,832 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe

PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

PRC - [2008-09-10 23:15:26 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 7600 Series\ezprint.exe

PRC - [2008-09-10 23:15:24 | 000,676,520 | ---- | M] () -- C:\Program Files\Lexmark 7600 Series\lxdwmon.exe

PRC - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdwcoms.exe

PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010-08-21 00:07:07 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\vir\OTL.exe

MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010-02-26 20:23:23 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010-02-26 19:24:59 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010-01-26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2009-02-23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2008-05-17 04:33:10 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdwcoms.exe -- (lxdw_device)

SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [File_System | Boot | Stopped] -- C:\Windows\System32\drivers\dwprot.sys -- (DwProt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kamil\AppData\Local\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\btwusb.sys -- (BTWUSB)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010-04-03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010-01-21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2010-01-20 17:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)

DRV - [2010-01-20 17:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009-12-30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2009-12-30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2009-06-04 03:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)

DRV - [2009-06-04 03:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)

DRV - [2009-06-04 03:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)

DRV - [2009-06-04 03:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)

DRV - [2009-06-04 03:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2009-06-04 03:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)

DRV - [2009-06-04 03:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2009-06-04 03:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)

DRV - [2009-06-04 03:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)

DRV - [2009-06-04 03:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)

DRV - [2009-06-04 03:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)

DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2008-12-25 08:56:42 | 000,433,792 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Expert (FM1216MK3)

DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-01-19 08:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV - [2007-03-24 12:20:24 | 000,046,208 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)

DRV - [2007-03-15 16:41:14 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)

DRV - [2006-11-02 14:00:28 | 000,017,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88tune_IBV32.sys -- (CXTUNE)

DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2006-10-18 23:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2006-02-07 20:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)

DRV - [2005-08-11 08:13:00 | 000,163,584 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cx88vid.sys -- (CX23880)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010-09-09 20:57:52 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

[2010-02-26 20:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2010-08-20 21:36:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)

O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files\Lexmark 7600 Series\lxdwmon.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.156.63.9 82.139.8.7

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Kamil\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp

O24 - Desktop BackupWallPaper: C:\Users\Kamil\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 90 Days ==========

 

[2010-09-21 06:27:04 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Avira

[2010-09-21 00:02:33 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2010-09-21 00:02:33 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2010-09-21 00:02:33 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys

[2010-09-21 00:02:33 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2010-09-21 00:02:33 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys

[2010-09-21 00:02:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2010-09-21 00:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2010-09-20 19:17:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010-09-20 19:16:48 | 003,427,248 | ---- | C] (Piriform Ltd) -- C:\Users\Kamil\Desktop\ccsetup235.exe

[2010-09-20 19:09:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010-09-20 19:09:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010-09-20 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\Autoruns

[2010-09-12 22:14:15 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\CrashDumps

[2010-09-12 20:38:40 | 000,000,000 | ---D | C] -- C:\Program Files\MaxPunkte 5

[2010-09-12 16:53:23 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\NVIDIA Corporation

[2010-09-09 18:45:40 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\EurekaLog

[2010-08-28 00:19:21 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe

[2010-08-28 00:19:21 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll

[2010-08-28 00:19:21 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll

[2010-08-28 00:16:12 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll

[2010-08-28 00:16:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010-08-28 00:15:56 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010-08-28 00:15:56 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010-08-28 00:15:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010-08-28 00:15:56 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010-08-28 00:15:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010-08-28 00:15:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010-08-28 00:15:56 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010-08-28 00:15:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010-08-28 00:15:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010-08-28 00:15:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010-08-28 00:15:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010-08-28 00:15:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010-08-28 00:15:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010-08-28 00:15:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010-08-28 00:15:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010-08-28 00:15:42 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2010-08-28 00:15:41 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2010-08-28 00:15:37 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010-08-28 00:15:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll

[2010-08-27 10:12:17 | 000,000,000 | ---D | C] -- C:\logs

[2010-08-22 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2010-08-21 21:16:47 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\HD Tune Pro

[2010-08-21 21:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune Pro

[2010-08-21 18:38:48 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2010-08-21 18:38:48 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\temp

[2010-08-21 18:38:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010-08-20 22:54:50 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Tific

[2010-08-20 21:29:29 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010-07-28 22:13:08 | 000,000,000 | ---D | C] -- C:\Users\Kamil\DoctorWeb

[2010-07-28 21:29:03 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Malwarebytes

[2010-07-28 21:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-07-28 21:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010-07-28 06:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline

[2010-07-27 23:49:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010-07-27 23:27:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\vir

[2010-07-27 23:24:24 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\nis

[2010-07-27 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Symantec

[2010-07-27 22:14:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Need for Speed World

[2010-07-27 22:04:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Electronic_Arts_Inc

[2010-07-26 20:19:58 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Axgoid

[2010-07-23 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\CoreTemp32

[2010-07-10 16:55:39 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\fotki rozne

[2010-07-09 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\ACD Systems

[2010-07-09 19:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ACD Systems

[2010-07-09 18:57:31 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Softplicity

[2010-07-09 16:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010-07-09 16:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mystik Media

[2010-07-09 16:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Soft Gold

[2010-07-08 22:01:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010-07-01 18:59:34 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\gtk-2.0

[2010-07-01 18:28:33 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.thumbnails

[2010-07-01 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\gegl-0.0

[2010-07-01 16:42:43 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.gimp-2.6

[2010-07-01 16:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0

[2010-07-01 16:39:50 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\mapka

[2010-06-30 22:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack

[2010-06-26 19:31:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe

[2010-06-24 20:10:23 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\encyklopedia_broni

[2010-03-20 17:20:25 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDWhcp.dll

[2010-03-20 17:20:25 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdwinpa.dll

[2010-03-20 17:20:24 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\lxdwserv.dll

[2010-03-20 17:20:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwusb1.dll

[2010-03-20 17:20:24 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdwiesc.dll

[2010-03-20 17:20:23 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\lxdwpmui.dll

[2010-03-20 17:20:23 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\lxdwlmpm.dll

[2010-03-20 17:20:22 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\lxdwhbn3.dll

[2010-03-20 17:20:17 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomc.dll

[2010-03-20 17:20:17 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdwcomm.dll

[2009-06-04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll

 

========== Files - Modified Within 90 Days ==========

 

[2010-09-21 16:33:10 | 002,621,440 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT

[2010-09-21 16:29:09 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010-09-21 16:29:09 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010-09-21 06:54:57 | 001,468,980 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-09-21 06:54:57 | 000,661,818 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-09-21 06:54:57 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-09-21 06:54:57 | 000,126,702 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-09-21 06:54:57 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-09-21 06:29:21 | 000,079,437 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010-09-21 06:29:20 | 000,079,437 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010-09-21 06:29:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-09-21 06:29:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-09-21 06:28:14 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-09-21 06:28:14 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-09-21 06:28:14 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-09-21 06:28:13 | 000,524,288 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms

[2010-09-21 06:28:13 | 000,065,536 | -HS- | M] () -- C:\Users\Kamil\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf

[2010-09-21 06:27:17 | 001,484,156 | -H-- | M] () -- C:\Users\Kamil\AppData\Local\IconCache.db

[2010-09-20 19:16:49 | 003,427,248 | ---- | M] (Piriform Ltd) -- C:\Users\Kamil\Desktop\ccsetup235.exe

[2010-09-20 19:04:27 | 000,618,945 | ---- | M] () -- C:\Users\Kamil\Desktop\Autoruns.zip

[2010-09-19 23:28:32 | 000,031,232 | ---- | M] () -- C:\Users\Kamil\Desktop\ksiegowe.xls

[2010-09-15 16:54:25 | 000,126,117 | ---- | M] () -- C:\Users\Kamil\Desktop\PK_SC_pytania.pdf

[2010-09-11 20:07:33 | 000,018,944 | ---- | M] () -- C:\Users\Kamil\Desktop\komp.xls

[2010-09-09 22:24:02 | 002,552,459 | ---- | M] () -- C:\Users\Kamil\Desktop\poradnik-uzytkownika-bankowosci-internetowej-polbank24.pdf

[2010-09-07 00:07:31 | 000,269,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-08-27 22:49:34 | 000,102,797 | ---- | M] () -- C:\Users\Kamil\Desktop\IMG_0118e.JPG

[2010-08-27 22:46:53 | 000,001,123 | ---- | M] () -- C:\Users\Kamil\Desktop\AQQ odebrane.lnk

[2010-08-22 20:59:32 | 000,001,356 | ---- | M] () -- C:\Users\Kamil\AppData\Local\d3d9caps.dat

[2010-08-21 23:58:06 | 000,001,887 | ---- | M] () -- C:\Windows\diagwrn.xml

[2010-08-21 23:58:06 | 000,001,887 | ---- | M] () -- C:\Windows\diagerr.xml

[2010-08-21 21:31:07 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll

[2010-08-21 21:31:07 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll

[2010-08-21 21:31:07 | 000,000,087 | RH-- | M] () -- C:\Windows\ctfile.rfc

[2010-08-21 18:48:48 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-08-21 18:48:48 | 000,055,300 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-08-21 18:48:48 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx

[2010-08-21 18:36:30 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini

[2010-08-20 21:36:04 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010-08-16 18:44:01 | 000,002,073 | ---- | M] () -- C:\Users\Kamil\.recently-used.xbel

[2010-08-16 17:20:09 | 000,035,840 | ---- | M] () -- C:\Users\Kamil\Desktop\tytuly.doc

[2010-08-16 17:19:27 | 000,035,328 | ---- | M] () -- C:\Users\Kamil\Desktop\mandaty.doc

[2010-08-04 17:23:43 | 000,096,689 | ---- | M] () -- C:\Users\Kamil\Desktop\96a35ec98c.jpeg

[2010-07-29 06:57:35 | 000,059,280 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT

[2010-07-24 20:33:10 | 000,028,160 | ---- | M] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-23 23:37:36 | 000,019,456 | ---- | M] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-07-20 12:44:28 | 000,164,937 | ---- | M] () -- C:\Users\Kamil\Desktop\podanie.pdf

[2010-07-14 20:02:03 | 000,026,624 | ---- | M] () -- C:\Users\Kamil\Desktop\oswiadczenie rach.doc

[2010-07-09 22:02:03 | 000,073,693 | ---- | M] () -- C:\Users\Kamil\Desktop\YIELD2.jpg

[2010-07-09 21:57:55 | 000,003,542 | ---- | M] () -- C:\Users\Kamil\Desktop\YIELD.CGM

[2010-07-08 08:36:40 | 000,047,677 | ---- | M] () -- C:\Users\Kamil\Documents\2.prn

[2010-06-26 08:03:22 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010-06-26 08:03:02 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010-06-26 08:03:02 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010-06-26 08:02:31 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010-06-26 08:02:26 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010-06-26 08:02:15 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010-06-26 08:02:15 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010-06-26 08:02:15 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010-06-26 08:02:14 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010-06-26 08:02:14 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010-06-26 08:02:09 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010-06-26 06:25:02 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010-06-26 06:24:51 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010-06-26 06:24:17 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010-06-26 06:23:53 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

 

========== Files Created - No Company Name ==========

 

[2010-09-20 19:04:13 | 000,618,945 | ---- | C] () -- C:\Users\Kamil\Desktop\Autoruns.zip

[2010-09-15 16:54:25 | 000,126,117 | ---- | C] () -- C:\Users\Kamil\Desktop\PK_SC_pytania.pdf

[2010-09-11 19:26:07 | 000,018,944 | ---- | C] () -- C:\Users\Kamil\Desktop\komp.xls

[2010-09-09 22:23:54 | 002,552,459 | ---- | C] () -- C:\Users\Kamil\Desktop\poradnik-uzytkownika-bankowosci-internetowej-polbank24.pdf

[2010-08-27 22:52:37 | 000,102,797 | ---- | C] () -- C:\Users\Kamil\Desktop\IMG_0118e.JPG

[2010-08-27 22:46:53 | 000,001,123 | ---- | C] () -- C:\Users\Kamil\Desktop\AQQ odebrane.lnk

[2010-08-21 23:52:27 | 000,001,887 | ---- | C] () -- C:\Windows\diagwrn.xml

[2010-08-21 23:52:27 | 000,001,887 | ---- | C] () -- C:\Windows\diagerr.xml

[2010-08-21 21:36:02 | 000,055,300 | ---- | C] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-08-21 21:36:02 | 000,055,300 | ---- | C] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-08-21 21:36:02 | 000,000,788 | ---- | C] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx

[2010-08-16 18:44:01 | 000,002,073 | ---- | C] () -- C:\Users\Kamil\.recently-used.xbel

[2010-08-16 17:20:09 | 000,035,840 | ---- | C] () -- C:\Users\Kamil\Desktop\tytuly.doc

[2010-08-16 17:19:26 | 000,035,328 | ---- | C] () -- C:\Users\Kamil\Desktop\mandaty.doc

[2010-08-04 17:23:43 | 000,096,689 | ---- | C] () -- C:\Users\Kamil\Desktop\96a35ec98c.jpeg

[2010-07-24 19:31:54 | 000,028,160 | ---- | C] () -- C:\Users\Kamil\Desktop\Nikon D80.doc

[2010-07-20 12:40:18 | 000,164,937 | ---- | C] () -- C:\Users\Kamil\Desktop\podanie.pdf

[2010-07-14 19:59:46 | 000,026,624 | ---- | C] () -- C:\Users\Kamil\Desktop\oswiadczenie rach.doc

[2010-07-09 22:01:58 | 000,073,693 | ---- | C] () -- C:\Users\Kamil\Desktop\YIELD2.jpg

[2010-07-09 21:57:55 | 000,003,542 | ---- | C] () -- C:\Users\Kamil\Desktop\YIELD.CGM

[2010-07-08 08:42:14 | 000,047,677 | ---- | C] () -- C:\Users\Kamil\Documents\2.prn

[2010-04-25 02:49:15 | 000,000,002 | ---- | C] () -- C:\Windows\System32\Dvbpws.dll

[2010-03-20 17:35:26 | 000,013,020 | ---- | C] () -- C:\ProgramData\lxdw.log

[2010-03-20 17:33:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdwvs.dll

[2010-03-20 17:20:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\LXDWinst.dll

[2010-03-20 17:20:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdwgrd.dll

[2010-03-20 17:17:33 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdwcoin.dll

[2010-03-20 17:05:53 | 000,000,187 | ---- | C] () -- C:\ProgramData\lxdwDiagnostics.log

[2010-03-20 17:01:33 | 000,000,252 | ---- | C] () -- C:\ProgramData\FastPics.log

[2010-03-20 16:59:31 | 000,000,000 | ---- | C] () -- C:\ProgramData\UpdaterLog.txt

[2010-03-06 14:21:47 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2010-03-06 14:21:46 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2010-03-06 14:21:46 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2010-03-06 02:53:54 | 000,000,303 | ---- | C] () -- C:\Windows\game.ini

[2010-03-03 21:46:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010-02-27 12:24:07 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-27 04:15:45 | 000,019,456 | ---- | C] () -- C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-02-27 03:53:52 | 000,000,509 | ---- | C] () -- C:\Windows\WINCMD.INI

[2010-02-26 20:42:17 | 000,079,437 | ---- | C] () -- C:\ProgramData\nvModes.001

[2010-02-26 20:11:49 | 000,079,437 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2010-02-26 19:24:18 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL

[2010-02-26 19:24:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL

[2010-02-26 19:01:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2010-02-26 19:01:26 | 000,012,358 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2010-02-26 19:01:20 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2010-02-26 18:54:28 | 000,001,356 | ---- | C] () -- C:\Users\Kamil\AppData\Local\d3d9caps.dat

[2009-06-19 21:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2009-06-19 21:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2009-06-04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini

[2009-06-04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll

[2009-06-04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL

[2009-05-27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini

[2006-12-04 01:25:14 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll

[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >

 

 

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

Szybki skan nic nie daje. Użyj pełnego lub najlepiej MHDD (opis na forum, tudzież w Sieci) - szukaj wg postów Kwazor'a. ;]

 

Widzę natomiast, że masz UDMA 5, podczas gdy sprzęt może lecieć na UDMA6. Ergo wywal kontrolery dysku i restart kompa.

Udostępnij tę odpowiedź


Odnośnik do odpowiedzi
Udostępnij na innych stronach

Dołącz do dyskusji

Możesz dodać zawartość już teraz a zarejestrować się później. Jeśli posiadasz już konto, zaloguj się aby dodać zawartość za jego pomocą.

Gość
Dodaj odpowiedź do tematu...

×   Wklejono zawartość z formatowaniem.   Przywróć formatowanie

  Dozwolonych jest tylko 75 emoji.

×   Odnośnik został automatycznie osadzony.   Przywróć wyświetlanie jako odnośnik

×   Przywrócono poprzednią zawartość.   Wyczyść edytor

×   Nie możesz bezpośrednio wkleić grafiki. Dodaj lub załącz grafiki z adresu URL.

Ładowanie


×
×
  • Dodaj nową pozycję...