Skocz do zawartości
Aviel

Problem z Firefox Prośba o sprawdzenie logów

Przez Aviel, w Centrum Bezpieczeństwa

Rekomendowane odpowiedzi

Aviel Newbie

Aviel

Opublikowano
Opublikowano (edytowane)

Witam

Mam problem z firefox, a mianowicie po każdym uruchomieniu i przeglądnięciu kilku stron najpierw otwiera jakąś reklamę trzeba dać wstecz lub "skip this ad" aby wróciła do poprzednio przeglądanej strony lub wywala błąd i zamyka przeglądarkę. Chrome działa jak należy IE także. Podejrzewam jakieś trojany/wirusy ale nie mogę sobie z tym poradzić. Proszę o pomoc

Wklejam log z combofix:

 

 

 

ComboFix 11-03-17.02 - Przemo 2011-03-18 10:41:44.2.4 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.4095.2759 [GMT 1:00]

Uruchomiony z: c:\users\Przemo\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Pliki utworzone od 2011-02-18 do 2011-03-18 )))))))))))))))))))))))))))))))

.

.

2011-03-18 09:45 . 2011-03-18 09:45 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-03-17 21:39 . 2011-03-17 21:43 -------- d-----w- c:\users\Przemo\AppData\Local\NPE

2011-03-17 21:01 . 2011-03-17 21:04 -------- d-----w- c:\users\Przemo\AppData\Local\Google

2011-03-17 08:40 . 2011-03-17 08:40 -------- d-----w- c:\programdata\Ubisoft

2011-03-17 08:39 . 2011-03-17 08:39 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2011-03-17 08:39 . 2011-03-17 08:39 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2011-03-17 08:39 . 2011-03-17 08:39 -------- d-----w- c:\users\Przemo\AppData\Roaming\PunkBuster

2011-03-17 08:38 . 2011-03-17 08:38 -------- d-----w- c:\program files (x86)\Ubisoft

2011-03-16 20:46 . 2011-03-16 20:46 -------- d-----w- c:\users\Przemo\AppData\Local\3DMGAME

2011-03-16 19:37 . 2011-03-16 19:39 -------- d-----w- c:\users\Przemo\AppData\Local\PhoenixViewer

2011-03-16 19:37 . 2011-03-16 19:37 -------- d-----w- c:\users\Przemo\AppData\Roaming\SecondLife

2011-03-16 19:30 . 2011-03-16 19:30 -------- d-----w- c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP

2011-03-16 08:10 . 2011-03-16 08:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-03-16 08:10 . 2011-03-16 08:10 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2011-03-15 20:39 . 2011-03-15 20:46 -------- d-----w- c:\program files (x86)\ChrisTV Lite

2011-03-15 17:56 . 2011-03-15 17:56 -------- d-----w- c:\users\Przemo\AppData\Local\Risen

2011-03-15 17:55 . 2011-03-15 17:55 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys

2011-03-15 17:55 . 2011-03-15 17:55 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys

2011-03-15 17:55 . 2011-03-15 17:55 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP

2011-03-14 18:44 . 2011-01-24 17:21 2575360 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82799ce0-8a16-ac09-7df4-f53d3ed04b87}\components\f6721059.dll

2011-03-14 18:02 . 2011-03-14 19:37 -------- d-----w- c:\users\Przemo\AppData\Roaming\DarksporeData

2011-03-14 14:11 . 2011-03-14 14:11 -------- d-----w- c:\users\Przemo\AppData\Local\ElevatedDiagnostics

2011-03-14 13:44 . 2011-03-14 13:44 513080 ----a-w- c:\windows\system32\drivers\sptd.sys

2011-03-14 13:44 . 2011-03-14 13:44 -------- d--h--r- c:\users\Przemo\AppData\Roaming\SecuROM

2011-03-13 21:30 . 2011-03-16 20:47 -------- d-----w- c:\users\Przemo\AppData\Local\CrashDumps

2011-03-12 19:56 . 2011-03-12 19:56 -------- d-----w- c:\users\Przemo\AppData\Local\Stonetrip

2011-03-12 14:50 . 2011-03-12 14:50 -------- d-----w- c:\programdata\PopCap Games

2011-03-10 09:09 . 2011-03-10 09:09 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared

2011-03-10 09:07 . 2011-03-10 09:07 174640 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS

2011-03-10 09:07 . 2011-03-10 09:07 -------- d-----w- c:\program files\Symantec

2011-03-10 09:07 . 2011-03-10 09:07 -------- d-----w- c:\program files\Common Files\Symantec Shared

2011-03-10 09:07 . 2011-03-13 07:04 -------- d-----w- c:\windows\system32\drivers\NISx64

2011-03-10 09:07 . 2011-03-10 09:07 -------- d-----w- c:\program files (x86)\Norton Internet Security

2011-03-10 09:07 . 2011-03-17 21:40 -------- d-----w- c:\programdata\Norton

2011-03-10 09:07 . 2011-03-10 09:07 -------- d-----w- c:\program files (x86)\NortonInstaller

2011-03-10 08:49 . 2011-03-10 08:49 -------- d-----w- c:\programdata\MFAData

2011-03-09 08:19 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll

2011-03-09 08:19 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll

2011-03-09 08:19 . 2010-12-23 06:07 723968 ----a-w- c:\windows\system32\EncDec.dll

2011-03-09 08:19 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax

2011-03-09 08:19 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll

2011-03-09 08:19 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll

2011-03-09 08:19 . 2010-12-23 05:28 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2011-03-09 08:19 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax

2011-03-09 08:18 . 2010-12-18 06:12 3138048 ----a-w- c:\windows\system32\mstscax.dll

2011-03-09 08:18 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe

2011-03-09 08:18 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll

2011-03-09 08:18 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe

2011-03-08 16:00 . 2011-03-08 16:00 -------- d-----w- c:\users\Przemo\AppData\Roaming\Publish Providers

2011-03-08 15:50 . 2011-03-08 15:50 -------- d-----w- c:\windows\SysWow64\spool

2011-03-08 15:50 . 2011-03-08 15:50 -------- d-----w- c:\programdata\Sony

2011-03-08 15:50 . 2011-03-08 15:50 -------- d-----w- c:\program files (x86)\Sony

2011-03-08 15:07 . 2011-03-08 15:54 -------- d-----w- c:\users\Przemo\AppData\Local\Sony

2011-03-08 15:04 . 2011-03-08 16:00 -------- d-----w- c:\users\Przemo\AppData\Roaming\Sony

2011-03-08 12:03 . 2011-03-08 12:03 -------- d-----w- c:\users\Przemo\AppData\Roaming\Namco

2011-03-08 06:51 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{58A02577-137F-4998-8C79-63BCBF0B1425}\mpengine.dll

2011-03-07 20:53 . 2011-03-07 20:53 -------- d-----w- c:\users\Przemo\AppData\Local\ALI213

2011-03-07 16:18 . 2011-03-07 16:18 -------- d-----w- c:\program files (x86)\PlayReady

2011-03-07 16:14 . 2011-03-07 16:14 -------- d-----w- c:\users\Przemo\AppData\Roaming\RDRM

2011-03-07 16:14 . 2011-03-07 16:19 -------- d-----w- c:\users\Przemo\AppData\Roaming\ipla

2011-03-07 16:14 . 2011-03-07 16:18 -------- d-----w- c:\programdata\ipla

2011-03-07 16:14 . 2011-03-07 16:20 -------- d-----w- c:\program files (x86)\ipla

2011-03-07 16:13 . 2011-03-07 16:13 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll

2011-03-07 16:13 . 2011-03-07 16:13 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll

2011-03-06 12:13 . 2011-03-06 12:13 -------- d-----w- c:\users\Przemo\AppData\Roaming\Floodlight Games

2011-03-06 12:13 . 2011-03-06 12:13 -------- d-----w- c:\programdata\Floodlight Games

2011-03-04 16:59 . 2011-03-04 16:59 -------- d-----w- c:\users\Przemo\AppData\Roaming\Nicalis

2011-03-04 00:20 . 2011-03-04 00:20 -------- d-----w- c:\program files (x86)\NVIDIA Corporation

2011-03-04 00:20 . 2011-03-04 00:20 -------- d-----w- c:\users\Przemo\AppData\Local\2K Games

2011-03-02 16:38 . 2011-03-02 16:38 -------- d-----w- c:\users\Przemo\AppData\Roaming\Awem

2011-03-02 11:17 . 2011-03-14 13:54 -------- d-----w- c:\users\Przemo\AppData\Local\Aspyr

2011-03-02 08:40 . 2011-03-02 08:40 -------- d-----w- c:\programdata\Codemasters

2011-03-02 08:38 . 2010-03-01 19:51 17686528 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll

2011-03-02 08:38 . 2011-03-02 08:38 466520 ----a-w- c:\windows\system32\wrap_oal.dll

2011-03-02 08:38 . 2011-03-02 08:38 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll

2011-03-02 08:38 . 2011-03-02 08:38 122968 ----a-w- c:\windows\system32\OpenAL32.dll

2011-03-02 08:38 . 2011-03-02 08:38 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll

2011-03-02 08:38 . 2011-03-02 08:38 -------- d-----w- c:\program files (x86)\OpenAL

2011-03-02 08:38 . 2010-08-18 15:10 809560 ----a-r- c:\windows\SysWow64\tmp46BA.tmp

2011-03-01 15:11 . 2011-03-01 15:11 -------- d-----w- c:\users\Przemo\AppData\Roaming\IBAGroup

2011-03-01 09:08 . 2011-03-01 09:08 -------- d-----w- c:\programdata\Electronic Arts

2011-03-01 09:08 . 2011-03-01 09:08 -------- d-----w- c:\programdata\EA Core

2011-02-28 14:01 . 2011-02-28 14:01 -------- d-----w- c:\programdata\Solidshield

2011-02-28 11:24 . 2011-02-28 11:24 -------- d-----w- c:\users\Przemo\AppData\Roaming\YoudaGames

2011-02-27 20:37 . 2011-02-27 20:37 -------- d-----w- c:\users\Przemo\VirtualBox VMs

2011-02-27 20:37 . 2011-02-28 11:18 -------- d-----w- c:\users\Przemo\.VirtualBox

2011-02-27 20:36 . 2011-02-17 16:21 228272 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2011-02-27 20:36 . 2011-02-27 20:36 -------- dc----w- c:\windows\system32\DRVSTORE

2011-02-27 20:36 . 2011-02-17 16:21 56688 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2011-02-27 20:36 . 2011-02-27 20:36 -------- d-----w- c:\program files\Oracle

2011-02-27 20:26 . 2011-02-27 20:26 -------- d-----w- c:\windows\system32\appmgmt

2011-02-27 17:37 . 2011-02-27 17:37 -------- d-----w- c:\users\Przemo\AppData\Local\Targem

2011-02-27 15:48 . 2011-02-27 15:48 -------- d-----w- c:\programdata\Cabela's Outdoor Adventures Saves

2011-02-27 15:04 . 2011-02-27 15:04 -------- d-----w- c:\programdata\RELOADED

2011-02-27 15:03 . 2011-02-27 15:03 -------- d-----w- c:\program files (x86)\Microsoft XNA

2011-02-25 20:40 . 2011-02-26 09:41 -------- d-----w- c:\users\Przemo\AppData\Local\storage

2011-02-24 08:59 . 2011-02-24 08:59 -------- d-----w- c:\programdata\McAfee

2011-02-23 08:40 . 2011-02-23 08:40 -------- d-----w- c:\users\Przemo\AppData\Local\3-D HUNTING 2010

2011-02-22 20:57 . 2011-03-12 07:59 -------- d-----w- c:\program files (x86)\Common Files\BioWare

2011-02-22 13:33 . 2011-02-22 20:17 -------- d-----w- C:\Fraps

2011-02-22 12:46 . 2011-03-16 19:30 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard

2011-02-22 12:46 . 2011-02-22 12:46 -------- d-----w- c:\windows\SysWow64\xlive

2011-02-22 12:46 . 2011-02-22 12:46 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE

2011-02-21 08:02 . 2011-02-02 20:40 472808 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-02-21 08:02 . 2011-02-02 20:40 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-02-21 08:02 . 2011-02-21 08:08 -------- d-----w- c:\program files (x86)\JDownloader

2011-02-17 19:12 . 2011-02-17 19:12 -------- d-----w- c:\program files (x86)\Microsoft Silverlight

2011-02-17 16:21 . 2011-02-17 16:21 156080 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys

2011-02-17 16:21 . 2011-02-17 16:21 320816 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll

2011-02-17 16:21 . 2011-02-17 16:21 175664 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys

2011-02-16 21:56 . 2011-02-16 21:56 -------- d-----w- c:\program files (x86)\NAPI-PROJEKT

2011-02-16 12:14 . 2011-02-16 12:14 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Ustawienia lokalne

2011-02-16 12:14 . 2011-02-16 12:14 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Dane aplikacji

2011-02-16 12:14 . 2011-02-16 12:14 -------- d-----w- c:\users\Przemo\AppData\Local\Programs

.

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-23 23:17 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll

2011-02-23 23:17 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-02-15 17:26 . 2011-02-15 17:26 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2011-02-02 16:11 . 2011-02-15 11:25 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-01-24 17:21 . 2011-01-24 17:21 2641920 ----a-w- c:\windows\SysWow64\9ed192ef.dll

2011-01-07 08:06 . 2011-02-15 11:29 46080 ----a-w- c:\windows\system32\atmlib.dll

2011-01-07 07:27 . 2011-02-15 11:29 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2011-01-07 05:49 . 2011-02-15 11:29 366080 ----a-w- c:\windows\system32\atmfd.dll

2011-01-07 05:33 . 2011-02-15 11:29 294400 ----a-w- c:\windows\SysWow64\atmfd.dll

2011-01-05 06:20 . 2011-02-15 11:29 612352 ----a-w- c:\windows\system32\vbscript.dll

2011-01-05 05:37 . 2011-02-15 11:29 428032 ----a-w- c:\windows\SysWow64\vbscript.dll

2011-01-05 04:00 . 2011-02-15 11:30 3127808 ----a-w- c:\windows\system32\win32k.sys

2011-01-05 03:37 . 2011-01-05 03:37 8283136 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2011-01-05 03:22 . 2011-01-05 03:22 22100480 ----a-w- c:\windows\system32\atio6axx.dll

2011-01-05 03:03 . 2011-01-05 03:03 17043968 ----a-w- c:\windows\SysWow64\atioglxx.dll

2011-01-05 03:02 . 2011-01-05 03:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe

2011-01-05 03:02 . 2011-01-05 03:02 596480 ----a-w- c:\windows\SysWow64\aticfx32.dll

2011-01-05 03:01 . 2011-01-05 03:01 708608 ----a-w- c:\windows\system32\aticfx64.dll

2011-01-05 02:58 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll

2011-01-05 02:58 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe

2011-01-05 02:57 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe

2011-01-05 02:56 . 2011-01-05 02:56 120320 ----a-w- c:\windows\system32\atitmm64.dll

2011-01-05 02:56 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll

2011-01-05 02:56 . 2011-01-05 02:56 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll

2011-01-05 02:55 . 2011-01-05 02:55 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll

2011-01-05 02:55 . 2011-01-05 02:55 16384 ----a-w- c:\windows\system32\atimuixx.dll

2011-01-05 02:55 . 2011-01-05 02:55 59392 ----a-w- c:\windows\system32\atiedu64.dll

2011-01-05 02:55 . 2011-01-05 02:55 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2011-01-05 02:52 . 2011-01-05 02:52 4101632 ----a-w- c:\windows\SysWow64\atidxx32.dll

2011-01-05 02:43 . 2009-07-13 21:59 4844544 ----a-w- c:\windows\system32\atidxx64.dll

2011-01-05 02:33 . 2011-01-05 02:33 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2011-01-05 02:33 . 2011-01-05 02:33 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2011-01-05 02:33 . 2011-01-05 02:33 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2011-01-05 02:33 . 2011-01-05 02:33 4162048 ----a-w- c:\windows\SysWow64\atiumdag.dll

2011-01-05 02:33 . 2011-01-05 02:33 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2011-01-05 02:33 . 2011-01-05 02:33 6815232 ----a-w- c:\windows\system32\aticaldd64.dll

2011-01-05 02:32 . 2011-01-05 02:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll

2011-01-05 02:32 . 2011-01-05 02:32 3218944 ----a-w- c:\windows\system32\atiumd6a.dll

2011-01-05 02:31 . 2011-01-05 02:31 5441024 ----a-w- c:\windows\SysWow64\aticaldd.dll

2011-01-05 02:28 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll

2011-01-05 02:27 . 2011-01-05 02:27 5305856 ----a-w- c:\windows\system32\atiumd64.dll

2011-01-05 02:25 . 2011-01-05 02:25 3461120 ----a-w- c:\windows\SysWow64\atiumdva.dll

2011-01-05 02:20 . 2011-01-05 02:20 353792 ----a-w- c:\windows\system32\atiadlxx.dll

2011-01-05 02:20 . 2011-01-05 02:20 249856 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2011-01-05 02:19 . 2011-01-05 02:19 14848 ----a-w- c:\windows\system32\atig6pxx.dll

2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\system32\atiglpxx.dll

2011-01-05 02:19 . 2011-01-05 02:19 32256 ----a-w- c:\windows\system32\atig6txx.dll

2011-01-05 02:19 . 2011-01-05 02:19 27648 ----a-w- c:\windows\SysWow64\atigktxx.dll

2011-01-05 02:19 . 2011-01-05 02:19 294400 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2011-01-05 02:18 . 2011-01-05 02:18 39936 ----a-w- c:\windows\system32\atiuxp64.dll

2011-01-05 02:18 . 2011-01-05 02:18 30720 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2011-01-05 02:18 . 2011-01-05 02:18 38400 ----a-w- c:\windows\system32\atiu9p64.dll

2011-01-05 02:18 . 2011-01-05 02:18 28672 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2011-01-05 02:17 . 2011-01-05 02:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\atimpc64.dll

2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\amdpcom64.dll

2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll

2011-01-05 02:11 . 2011-01-05 02:11 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-03-18_09.30.58 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-14 05:10 . 2011-03-18 09:38 27478 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-02-15 11:21 . 2011-03-18 09:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-02-15 11:21 . 2011-03-16 08:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:46 . 2011-03-18 09:39 71736 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2011-02-15 11:21 . 2011-03-16 08:54 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-02-15 11:21 . 2011-03-18 09:37 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-02-15 11:21 . 2011-03-16 08:54 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-02-15 11:21 . 2011-03-18 09:37 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-02-15 11:21 . 2011-03-18 09:37 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-02-15 11:21 . 2011-03-16 08:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-02-15 11:21 . 2011-03-16 08:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-02-15 11:21 . 2011-03-18 09:37 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-02-15 11:22 . 2011-03-18 09:38 7192 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1191709296-600291842-2282869072-1001_UserData.bin

+ 2011-03-18 09:37 . 2011-03-18 09:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2011-03-16 08:54 . 2011-03-16 08:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2011-03-18 09:37 . 2011-03-18 09:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2011-03-16 08:54 . 2011-03-16 08:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2011-02-16 02:00 . 2011-03-18 09:32 222156 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin

- 2011-02-23 08:53 . 2011-03-16 08:53 575120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

+ 2011-02-23 08:53 . 2011-03-18 09:36 575120 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2009-07-14 05:01 . 2011-02-28 00:47 234392 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2011-03-18 09:35 234392 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 04:45 . 2011-03-18 09:39 3607991 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

- 2009-07-14 04:45 . 2011-03-17 17:45 3607991 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2011-03-18 09:35 . 2011-03-18 09:35 9980964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1191709296-600291842-2282869072-1001-8192.dat

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ce1653cf-323e-07a9-b327-c3a8df52fbdd}]

2011-01-24 17:21 2641920 ----a-w- c:\windows\SysWOW64\9ed192ef.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-03-25 2924544]

"Gadu-Gadu 10"="c:\program files (x86)\Gadu-Gadu 10\gg.exe" [2010-12-16 12984928]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384]

"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-04-07 79360]

"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]

R3 dump_wmimmc;dump_wmimmc;d:\freyak\system\GameGuard\dump_wmimmc.sys [x]

R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1205000.07D\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1205000.07D\SYMEFA64.SYS [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110309.001\BHDrvx64.sys [2011-02-25 1124472]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110317.002\IDSvia64.sys [2010-11-09 476792]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1205000.07D\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1205000.07D\SYMNETS.SYS [x]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 354304]

S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [2010-11-24 130000]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-03-10 132656]

S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]

S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]

S3 WFLR6654;WinFast DTV1800 H (XC3028);c:\windows\system32\drivers\wfeaglxt.sys [x]

.

.

Zawartość folderu 'Zaplanowane zadania'

.

2011-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1191709296-600291842-2282869072-1001Core.job

- c:\users\Przemo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-17 21:01]

.

2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1191709296-600291842-2282869072-1001UA.job

- c:\users\Przemo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-17 21:01]

.

.

--------- x86-64 -----------

.

.

------- Skan uzupełniający -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: &P&obierz &za pomocą BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm

IE: Pobierz wszystko za pomocą BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm

TCP: {8D2C4A23-8B82-49A4-B20C-441456571758} = 192.168.1.1

FF - ProfilePath - c:\users\Przemo\AppData\Roaming\Mozilla\Firefox\Profiles\yr3ux1ux.default\

FF - prefs.js: network.proxy.type - 0

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Czas ukończenia: 2011-03-18 10:46:22

ComboFix-quarantined-files.txt 2011-03-18 09:46

ComboFix2.txt 2011-03-18 09:33

.

Przed: 15 262 593 024 bajtów wolnych

Po: 15 146 528 768 bajtów wolnych

.

- - End Of File - - 29480D536771D0D03890B96E8E1492AD

 

 

 

Jeszcze wkleję ten błąd firefox

 

 

AdapterDeviceID: 9442

AdapterVendorID: 1002

Add-ons: autofillForms@blueimp.net:0.9.8.0,{82799ce0-8a16-ac09-7df4-f53d3ed04b87}:4.6.7.3,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:4.0

AvailableVirtualMemory: 3847000064

BuildID: 20110303194838

CrashTime: 1300442514

EMCheckCompatibility: true

FramePoisonBase: 00000000f0de0000

FramePoisonSize: 65536

InstallTime: 1300389563

Notes: AdapterVendorID: 1002, AdapterDeviceID: 9442, AdapterDriverVersion: 8.812.0.0

D2D? D2D+

DWrite? DWrite+

D3D10 Layers? D3D10 Layers+

xpcom_runtime_abort(###!!! ABORT: Main-thread-only object used off the main thread: file e:/builds/moz2_slave/rel-2.0-w32-bld/build/xpcom/base/nsCycleCollector.cpp, line 1195)

ProductName: Firefox

ReleaseChannel: release

SecondsSinceLastCrash: 1356

StartupTime: 1300441620

SystemMemoryUsePercentage: 34

Theme: classic/1.0

Throttleable: 1

TotalVirtualMemory: 4294836224

Vendor: Mozilla

Version: 4.0

Winsock_LSP: MSAFD TCP/IP [TCP/IP] : 2 : 1 : %SystemRoot%\system32\mswsock.dll

MSAFD TCP/IP [uDP/IP] : 2 : 2 :

MSAFD TCP/IP [RAW/IP] : 2 : 3 : %SystemRoot%\system32\mswsock.dll

MSAFD TCP/IP [TCP/IPv6] : 2 : 1 :

MSAFD TCP/IP [uDP/IPv6] : 2 : 2 : %SystemRoot%\system32\mswsock.dll

MSAFD TCP/IP [RAW/IPv6] : 2 : 3 :

Dostawca usług RSVP TCPv6 : 2 : 1 : %SystemRoot%\system32\mswsock.dll

Dostawca usług RSVP TCP : 2 : 1 :

Dostawca usług RSVP UDPv6 : 2 : 2 : %SystemRoot%\system32\mswsock.dll

Dostawca usług RSVP UDP : 2 : 2 :

 

Zgłoszenie to zawiera ponadto informacje na temat stanu programu w momencie wystąpienia awarii.

Edytowane przez Aviel

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
ULLISSES Enthusiast

ULLISSES

Opublikowano
Opublikowano

Jak bym miał strzelać, to:

2011-03-14 18:44 . 2011-01-24 17:21 2575360 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82799ce0-8a16-ac09-7df4-f53d3ed04b87}\components\f6721059.dll

Chyba, że ComboFix go wcześniej usunął...

 

Wyłącz FF, wejdź do w/w katalogu i przenieś ten plik w dowolne inne miejsce (np. na Pulpit). Następnie odpal FF - jeśli chodzi normalnie i problem zniknął, to masz przyczynę.

Jeśli nie, to przenieś plik z powrotem.

 

Sprawdź także, czy nie masz ustawionego proxy w FF.

 

Jeśli powyższe nie pomogło, to użyj OTL do tworzenia loga - on chyba pokazuje więcej szczegółów na temat dodatków, które uruchamiane są wraz z FF.

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
Aviel Newbie

Aviel

Opublikowano
Opublikowano

Niestety nie pomogło dalej to samo

FF bez proxy

LOG OTL

 

OTL logfile created on: 2011-03-18 11:11:54 - Run 1

OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Przemo\Desktop

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 48,73 Gb Total Space | 14,17 Gb Free Space | 29,09% Space Free | Partition Type: NTFS

Drive D: | 78,12 Gb Total Space | 12,50 Gb Free Space | 16,00% Space Free | Partition Type: NTFS

Drive E: | 338,80 Gb Total Space | 22,78 Gb Free Space | 6,72% Space Free | Partition Type: NTFS

 

Computer Name: PRZEMO-KOMPUTER | User Name: Przemo | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011-03-18 11:09:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Przemo\Desktop\OTL_3.2.22.3(dobreprogramy.pl).exe

PRC - [2011-03-17 09:39:32 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2011-03-04 13:01:09 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2011-01-20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe

PRC - [2010-11-24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe

PRC - [2010-10-27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010-04-07 18:08:22 | 002,013,696 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DVBTAP.exe

PRC - [2010-04-07 18:07:12 | 000,079,360 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe

PRC - [2010-03-25 15:04:42 | 002,924,544 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe

PRC - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011-03-18 11:09:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Przemo\Desktop\OTL_3.2.22.3(dobreprogramy.pl).exe

MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2011-01-05 03:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2011-01-04 22:07:10 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

SRV:64bit: - [2010-06-17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)

SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2011-03-17 09:39:32 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2010-12-28 09:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)

SRV - [2010-11-24 03:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe -- (NIS)

SRV - [2010-11-03 22:33:00 | 004,045,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)

SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2004-12-13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011-03-15 18:55:13 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)

DRV:64bit: - [2011-03-15 18:55:12 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)

DRV:64bit: - [2011-03-14 14:44:47 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2011-03-10 10:07:39 | 000,174,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2011-02-17 17:21:12 | 000,156,080 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2011-02-15 18:26:16 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2011-01-05 04:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2011-01-05 04:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2011-01-05 03:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010-12-01 06:24:00 | 000,382,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symnets.sys -- (SymNetS)

DRV:64bit: - [2010-11-23 05:08:32 | 000,735,864 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtsp64.sys -- (SRTSP)

DRV:64bit: - [2010-11-23 05:08:32 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2010-11-18 03:59:55 | 000,802,864 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symefa64.sys -- (SymEFA)

DRV:64bit: - [2010-11-17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2010-11-16 02:45:33 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\ironx64.sys -- (SymIRON)

DRV:64bit: - [2010-10-21 03:28:36 | 000,450,608 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symds64.sys -- (SymDS)

DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

DRV:64bit: - [2009-10-21 11:33:02 | 000,474,240 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wfeaglxt.sys -- (WFLR6654) WinFast DTV1800 H (XC3028)

DRV:64bit: - [2009-09-17 12:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)

DRV:64bit: - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009-06-10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2011-03-15 09:10:03 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110317.036\EX64.SYS -- (NAVEX15)

DRV - [2011-03-15 09:10:03 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110317.036\ENG64.SYS -- (NAVENG)

DRV - [2011-03-10 11:42:28 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2011-02-25 22:04:56 | 001,124,472 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110309.001\BHDrvx64.sys -- (BHDrvx64)

DRV - [2010-11-09 01:50:27 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110317.002\IDSviA64.sys -- (IDSVia64)

DRV - [2010-08-13 10:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {82799ce0-8a16-ac09-7df4-f53d3ed04b87}:4.6.7.3

FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0

FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5

FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.8.0

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011-03-13 08:04:15 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2011-03-10 17:07:58 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-03-17 20:19:08 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-17 20:13:49 | 000,000,000 | ---D | M]

 

[2011-02-15 13:18:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemo\AppData\Roaming\mozilla\Extensions

[2011-03-16 23:37:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Przemo\AppData\Roaming\mozilla\Firefox\Profiles\yr3ux1ux.default\extensions

[2011-02-15 13:35:27 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Przemo\AppData\Roaming\mozilla\Firefox\Profiles\yr3ux1ux.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

[2011-03-15 12:50:20 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Users\Przemo\AppData\Roaming\mozilla\Firefox\Profiles\yr3ux1ux.default\extensions\autofillForms@blueimp.net

[2011-03-18 10:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011-03-14 19:44:08 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\mozilla firefox\extensions\{82799ce0-8a16-ac09-7df4-f53d3ed04b87}

[2011-02-21 09:02:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

File not found (No name found) --

[2011-03-13 08:04:15 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN

[2011-03-04 13:01:10 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2010-08-24 10:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll

[2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2010-01-01 09:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml

[2010-01-01 09:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml

[2010-01-01 09:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml

[2010-01-01 09:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml

[2010-01-01 09:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml

[2010-01-01 09:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

 

O1 HOSTS File: ([2011-03-18 10:30:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.DLL (Symantec Corporation)

O2 - BHO: (yourprofitclub) - {ce1653cf-323e-07a9-b327-c3a8df52fbdd} - C:\Windows\SysWOW64\9ed192ef.dll ()

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

O4 - HKCU..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8:64bit: - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)

O8:64bit: - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll (BitComet)

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011-03-18 11:09:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Przemo\Desktop\OTL_3.2.22.3(dobreprogramy.pl).exe

[2011-03-18 10:46:24 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2011-03-18 10:40:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2011-03-18 10:25:16 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011-03-18 10:25:16 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011-03-18 10:25:16 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011-03-18 10:25:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011-03-18 10:23:55 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011-03-17 22:39:58 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\NPE

[2011-03-17 22:04:18 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2011-03-17 22:01:25 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Google

[2011-03-17 22:00:49 | 000,568,640 | ---- | C] (Google Inc.) -- C:\Users\Przemo\Desktop\ChromeSetup.exe

[2011-03-17 21:56:45 | 006,143,416 | ---- | C] (Symantec Corporation) -- C:\Users\Przemo\Desktop\NPE.exe

[2011-03-17 20:16:37 | 013,308,232 | ---- | C] (Mozilla) -- C:\Users\Przemo\Desktop\Firefox Setup 4.0 RC 1.exe

[2011-03-17 09:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft

[2011-03-17 09:39:31 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\PunkBuster

[2011-03-17 09:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft

[2011-03-16 21:46:28 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\3DMGAME

[2011-03-16 20:55:19 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Desktop\Phoenix_15beta2

[2011-03-16 20:37:58 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\SecondLife

[2011-03-16 20:37:58 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\PhoenixViewer

[2011-03-16 14:57:34 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Desktop\Czeslaw_Spiewa_-_Debiut_-_2008_-_128_kbps

[2011-03-16 09:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2011-03-16 09:10:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011-03-16 09:10:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2011-03-15 21:39:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ChrisTV Lite

[2011-03-15 18:56:07 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Risen

[2011-03-14 19:02:33 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Documents\Darkspore

[2011-03-14 19:02:28 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\DarksporeData

[2011-03-14 15:11:38 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\ElevatedDiagnostics

[2011-03-14 14:44:06 | 000,000,000 | RH-D | C] -- C:\Users\Przemo\AppData\Roaming\SecuROM

[2011-03-13 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\CrashDumps

[2011-03-12 20:56:47 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Stonetrip

[2011-03-12 15:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games

[2011-03-10 17:08:09 | 000,382,072 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symnets.sys

[2011-03-10 17:08:08 | 000,802,864 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symefa64.sys

[2011-03-10 17:08:08 | 000,735,864 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtsp64.sys

[2011-03-10 17:08:08 | 000,450,608 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symds64.sys

[2011-03-10 17:08:08 | 000,171,128 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\ironx64.sys

[2011-03-10 17:08:08 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtspx64.sys

[2011-03-10 17:07:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1205000.07D

[2011-03-10 10:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared

[2011-03-10 10:07:39 | 000,174,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2011-03-10 10:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2011-03-10 10:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2011-03-10 10:07:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64

[2011-03-10 10:07:21 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

[2011-03-10 10:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security

[2011-03-10 10:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2011-03-10 10:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2011-03-10 10:07:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2011-03-10 10:06:50 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Desktop\NIS11.rotfl

[2011-03-10 09:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData

[2011-03-09 09:19:00 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll

[2011-03-09 09:19:00 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2011-03-09 09:19:00 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll

[2011-03-09 09:19:00 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2011-03-09 09:19:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2011-03-09 09:19:00 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2011-03-09 09:19:00 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2011-03-09 09:19:00 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2011-03-09 09:18:57 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll

[2011-03-09 09:18:57 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll

[2011-03-09 09:18:57 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe

[2011-03-09 09:18:57 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe

[2011-03-08 17:00:28 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Publish Providers

[2011-03-08 16:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

[2011-03-08 16:50:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2011-03-08 16:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony

[2011-03-08 16:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony

[2011-03-08 16:07:15 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Documents\Vegas Movie Studio HD Platinum 10.0 Projects

[2011-03-08 16:07:15 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Sony

[2011-03-08 16:04:41 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Sony

[2011-03-08 13:03:47 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Namco

[2011-03-07 21:53:31 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\ALI213

[2011-03-07 21:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DoWar2R

[2011-03-07 17:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayReady

[2011-03-07 17:14:27 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\RDRM

[2011-03-07 17:14:26 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\ipla

[2011-03-07 17:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ipla

[2011-03-07 17:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ipla

[2011-03-07 17:13:56 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll

[2011-03-07 17:13:56 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll

[2011-03-06 13:13:41 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Floodlight Games

[2011-03-06 13:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Floodlight Games

[2011-03-04 17:59:03 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Nicalis

[2011-03-04 01:20:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation

[2011-03-04 01:20:36 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\2K Games

[2011-03-04 01:19:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games

[2011-03-02 17:38:38 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Awem

[2011-03-02 12:17:21 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Aspyr

[2011-03-02 09:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters

[2011-03-02 09:38:13 | 017,686,528 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll

[2011-03-02 09:38:04 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

[2011-03-02 09:38:04 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

[2011-03-02 09:38:04 | 000,122,968 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll

[2011-03-02 09:38:04 | 000,109,144 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

[2011-03-02 09:38:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL

[2011-03-01 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\IBAGroup

[2011-03-01 10:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts

[2011-03-01 10:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core

[2011-02-28 15:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield

[2011-02-28 12:24:47 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\YoudaGames

[2011-02-27 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\Przemo\VirtualBox VMs

[2011-02-27 21:37:06 | 000,000,000 | ---D | C] -- C:\Users\Przemo\.VirtualBox

[2011-02-27 21:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

[2011-02-27 21:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE

[2011-02-27 21:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle

[2011-02-27 21:34:22 | 080,978,224 | ---- | C] (Oracle Corporation) -- C:\Users\Przemo\Desktop\VirtualBox-4.0.4-70112-Win.exe

[2011-02-27 21:26:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt

[2011-02-27 18:37:25 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Targem

[2011-02-27 18:37:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Games

[2011-02-27 16:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Cabela's Outdoor Adventures Saves

[2011-02-27 16:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2011-02-27 16:04:08 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Documents\SavedGames

[2011-02-27 16:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED

[2011-02-27 16:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA

[2011-02-25 21:40:22 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\storage

[2011-02-24 09:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2011-02-24 00:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011-02-24 00:09:19 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Documents\Games for Windows - LIVE Demos

[2011-02-23 09:40:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\3-D HUNTING 2010

[2011-02-23 09:40:21 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\3-D HUNTING 2010

[2011-02-22 22:02:24 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Documents\BioWare

[2011-02-22 21:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare

[2011-02-22 14:33:58 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps

[2011-02-22 14:33:58 | 000,000,000 | ---D | C] -- C:\Fraps

[2011-02-22 14:00:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft

[2011-02-22 13:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2011-02-22 13:46:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive

[2011-02-22 13:46:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

[2011-02-21 09:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader

[2011-02-21 09:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011-02-21 09:02:50 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2011-02-21 09:02:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader

[2011-02-21 09:00:08 | 030,157,280 | ---- | C] (AppWork UG (haftungsbeschränkt)) -- C:\Users\Przemo\Desktop\JDownloaderSetup.exe

[2011-02-19 13:53:05 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

[2011-02-17 20:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2011-02-17 20:12:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight

[2011-02-17 20:12:30 | 006,277,496 | ---- | C] (Microsoft Corporation) -- C:\Users\Przemo\Desktop\Silverlight.exe

[2011-02-17 19:56:36 | 000,000,000 | ---D | C] -- C:\Users\Przemo\Documents\Telltale Games

[2011-02-17 17:21:12 | 000,156,080 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys

[2011-02-17 17:21:10 | 000,320,816 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNotify.dll

[2011-02-16 22:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt

[2011-02-16 22:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NAPI-PROJEKT

[2011-02-16 22:56:16 | 002,512,754 | ---- | C] ( ) -- C:\Users\Przemo\Desktop\NapiProjekt1.0.6.9_(programs.pl).exe

[2011-02-16 13:14:50 | 000,000,000 | ---D | C] -- C:\Users\Przemo\AppData\Local\Programs

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011-03-18 11:09:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Przemo\Desktop\OTL_3.2.22.3(dobreprogramy.pl).exe

[2011-03-18 11:07:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1191709296-600291842-2282869072-1001UA.job

[2011-03-18 10:44:26 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011-03-18 10:44:26 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011-03-18 10:36:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011-03-18 10:36:46 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys

[2011-03-18 10:30:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2011-03-18 10:23:07 | 004,289,870 | R--- | M] () -- C:\Users\Przemo\Desktop\ComboFix.exe

[2011-03-17 22:36:08 | 000,126,687 | ---- | M] () -- C:\Users\Przemo\Desktop\ciach!O.png

[2011-03-17 22:06:02 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1191709296-600291842-2282869072-1001Core.job

[2011-03-17 22:04:32 | 000,002,324 | ---- | M] () -- C:\Users\Przemo\Desktop\Google Chrome.lnk

[2011-03-17 22:01:06 | 000,568,640 | ---- | M] (Google Inc.) -- C:\Users\Przemo\Desktop\ChromeSetup.exe

[2011-03-17 21:56:56 | 006,143,416 | ---- | M] (Symantec Corporation) -- C:\Users\Przemo\Desktop\NPE.exe

[2011-03-17 20:19:13 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011-03-17 20:16:37 | 013,308,232 | ---- | M] (Mozilla) -- C:\Users\Przemo\Desktop\Firefox Setup 4.0 RC 1.exe

[2011-03-17 09:39:41 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011-03-17 09:39:32 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011-03-16 09:45:13 | 001,145,970 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB

[2011-03-16 09:10:43 | 000,001,258 | ---- | M] () -- C:\Users\Przemo\Desktop\Spybot - Search & Destroy.lnk

[2011-03-15 21:38:13 | 051,592,400 | ---- | M] () -- C:\Users\Przemo\Desktop\WinFastPVR2_setup_20336.zip

[2011-03-15 18:55:13 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys

[2011-03-15 18:55:12 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys

[2011-03-14 14:44:47 | 000,513,080 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys

[2011-03-14 13:50:15 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011-03-14 13:50:15 | 000,687,590 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2011-03-14 13:50:15 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011-03-14 13:50:15 | 000,131,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2011-03-14 13:50:15 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011-03-14 13:47:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2011-03-13 08:03:48 | 000,002,500 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2011-03-13 08:03:30 | 001,145,970 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\Cat.DB

[2011-03-10 10:07:39 | 000,174,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2011-03-10 10:07:39 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2011-03-10 10:07:39 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2011-03-07 21:48:40 | 000,000,603 | ---- | M] () -- C:\Users\Przemo\Desktop\DoWar2R.lnk

[2011-03-07 17:13:56 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll

[2011-03-07 17:13:56 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll

[2011-03-06 13:13:03 | 000,000,893 | ---- | M] () -- C:\Users\Przemo\Desktop\Special Enquiry Detail The Hand that Feeds.lnk

[2011-03-04 01:19:43 | 000,000,749 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk

[2011-03-02 09:38:04 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll

[2011-03-02 09:38:04 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll

[2011-03-02 09:38:04 | 000,122,968 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll

[2011-03-02 09:38:04 | 000,109,144 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

[2011-03-01 21:36:42 | 000,000,000 | -H-- | M] () -- C:\Users\Przemo\Documents\Default.rdp

[2011-02-27 21:36:47 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

[2011-02-27 21:36:05 | 080,978,224 | ---- | M] (Oracle Corporation) -- C:\Users\Przemo\Desktop\VirtualBox-4.0.4-70112-Win.exe

[2011-02-23 17:44:44 | 000,001,335 | ---- | M] () -- C:\Users\Przemo\Desktop\Bulletstorm.lnk

[2011-02-22 14:33:58 | 000,000,562 | ---- | M] () -- C:\Users\Przemo\Desktop\Fraps.lnk

[2011-02-21 09:03:06 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk

[2011-02-21 09:01:27 | 030,157,280 | ---- | M] (AppWork UG (haftungsbeschränkt)) -- C:\Users\Przemo\Desktop\JDownloaderSetup.exe

[2011-02-17 20:12:39 | 006,277,496 | ---- | M] (Microsoft Corporation) -- C:\Users\Przemo\Desktop\Silverlight.exe

[2011-02-17 17:21:12 | 000,156,080 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys

[2011-02-17 17:21:10 | 000,320,816 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\VBoxNetFltNotify.dll

[2011-02-16 22:56:49 | 000,000,975 | ---- | M] () -- C:\Users\Przemo\Desktop\NapiProjekt.lnk

[2011-02-16 22:56:20 | 002,512,754 | ---- | M] ( ) -- C:\Users\Przemo\Desktop\NapiProjekt1.0.6.9_(programs.pl).exe

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011-03-18 10:25:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2011-03-18 10:25:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011-03-18 10:25:16 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2011-03-18 10:25:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011-03-18 10:25:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2011-03-18 10:22:45 | 004,289,870 | R--- | C] () -- C:\Users\Przemo\Desktop\ComboFix.exe

[2011-03-17 22:36:08 | 000,126,687 | ---- | C] () -- C:\Users\Przemo\Desktop\ciach!O.png

[2011-03-17 22:04:31 | 000,002,324 | ---- | C] () -- C:\Users\Przemo\Desktop\Google Chrome.lnk

[2011-03-17 22:02:31 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1191709296-600291842-2282869072-1001UA.job

[2011-03-17 22:01:50 | 000,001,010 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1191709296-600291842-2282869072-1001Core.job

[2011-03-17 20:19:13 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011-03-17 20:19:11 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011-03-17 09:39:41 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011-03-17 09:39:32 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011-03-16 09:45:09 | 001,145,970 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB

[2011-03-16 09:10:42 | 000,001,258 | ---- | C] () -- C:\Users\Przemo\Desktop\Spybot - Search & Destroy.lnk

[2011-03-15 21:37:05 | 051,592,400 | ---- | C] () -- C:\Users\Przemo\Desktop\WinFastPVR2_setup_20336.zip

[2011-03-15 18:55:13 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys

[2011-03-15 18:55:12 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys

[2011-03-14 19:44:08 | 002,575,360 | ---- | C] () -- C:\Users\Przemo\Desktop\f6721059.dll

[2011-03-14 14:44:47 | 000,513,080 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys

[2011-03-14 13:47:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2011-03-13 08:03:17 | 001,145,970 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\Cat.DB

[2011-03-10 17:08:09 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symnet64.cat

[2011-03-10 17:08:09 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symnet.inf

[2011-03-10 17:08:08 | 000,007,492 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\iron.cat

[2011-03-10 17:08:08 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtspx64.cat

[2011-03-10 17:08:08 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symefa64.cat

[2011-03-10 17:08:08 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtsp64.cat

[2011-03-10 17:08:08 | 000,007,454 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symds64.cat

[2011-03-10 17:08:08 | 000,003,374 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symefa.inf

[2011-03-10 17:08:08 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\symds.inf

[2011-03-10 17:08:08 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtsp64.inf

[2011-03-10 17:08:08 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\srtspx64.inf

[2011-03-10 17:08:08 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\iron.inf

[2011-03-10 17:07:58 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1205000.07D\isolate.ini

[2011-03-10 10:07:39 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2011-03-10 10:07:39 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2011-03-10 10:07:37 | 000,002,500 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2011-03-07 21:48:40 | 000,000,603 | ---- | C] () -- C:\Users\Przemo\Desktop\DoWar2R.lnk

[2011-03-06 13:13:03 | 000,000,893 | ---- | C] () -- C:\Users\Przemo\Desktop\Special Enquiry Detail The Hand that Feeds.lnk

[2011-03-04 01:19:43 | 000,000,749 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk

[2011-03-01 21:36:42 | 000,000,000 | -H-- | C] () -- C:\Users\Przemo\Documents\Default.rdp

[2011-02-27 21:36:47 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

[2011-02-24 00:12:17 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

[2011-02-23 17:44:44 | 000,001,335 | ---- | C] () -- C:\Users\Przemo\Desktop\Bulletstorm.lnk

[2011-02-22 14:33:58 | 000,000,562 | ---- | C] () -- C:\Users\Przemo\Desktop\Fraps.lnk

[2011-02-21 09:03:06 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk

[2011-02-16 22:56:49 | 000,000,975 | ---- | C] () -- C:\Users\Przemo\Desktop\NapiProjekt.lnk

[2011-02-15 12:58:19 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin

[2011-02-15 12:57:24 | 000,000,344 | ---- | C] () -- C:\Windows\WFD_FindDevID.ini

[2011-02-15 12:57:23 | 000,000,344 | ---- | C] () -- C:\Windows\WFD_FindMceDev.ini

[2011-02-15 12:15:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011-01-24 18:21:42 | 002,641,920 | ---- | C] () -- C:\Windows\SysWow64\9ed192ef.dll

[2010-12-15 20:33:32 | 000,002,975 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:1DEE6B65

@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:D3E94D8E

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:DFC5A2B2

 

< End of report >

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
ULLISSES Enthusiast

ULLISSES

Opublikowano
Opublikowano

Lately, I am continually getting the pop up "Skip This Ad". How do I stop this? | Firefox Support Forum | Pomoc dla Firefoksa

 

Poszukaj w Dodaj/Usuń programy "Contextual Tool Yourprofitclub" i odinstaluj. Może to zainstalowało się razem z BitComet - wtedy proponuję zmianę klienta na np. uTorrent.

 

Jeśli nie, to poszukaj w Dodatkach w Firefox - OTL nie wyświetla nazw dodatków, więc trudno ogarnąć który powoduje problem.

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
Aviel Newbie

Aviel

Opublikowano
Opublikowano

Właśnie odinstalowywałem bezużyteczne programy i odinstalowałem przy okazji to co napisałeś. Jak na razie śmiga bezproblemowo. Zobaczymy za chwilę. jak będzie dalej to na pewno napisze 8O

Dzięki!

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach
Kolobos Newbie

Kolobos

Opublikowano
Opublikowano

Wykonaj skrypt w OTL:

 

:OTL

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found

O2 - BHO: (yourprofitclub) - {ce1653cf-323e-07a9-b327-c3a8df52fbdd} - C:\Windows\SysWOW64\9ed192ef.dll ()

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found

O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

[2011-01-24 18:21:42 | 002,641,920 | ---- | C] () -- C:\Windows\SysWow64\9ed192ef.dll

Udostępnij tę odpowiedź

Odnośnik do odpowiedzi
Udostępnij na innych stronach

Dołącz do dyskusji

Możesz dodać zawartość już teraz a zarejestrować się później. Jeśli posiadasz już konto, zaloguj się aby dodać zawartość za jego pomocą.

Gość
Dodaj odpowiedź do tematu...

×   Wklejono zawartość z formatowaniem.   Przywróć formatowanie

  Dozwolonych jest tylko 75 emoji.

×   Odnośnik został automatycznie osadzony.   Przywróć wyświetlanie jako odnośnik

×   Przywrócono poprzednią zawartość.   Wyczyść edytor

×   Nie możesz bezpośrednio wkleić grafiki. Dodaj lub załącz grafiki z adresu URL.

Ładowanie
×
Tematy
×
×
  • Dodaj nową pozycję...