Hello, I have the following problem: I cannot open partitions by double-clicking, because the "Open with" window appears when I do; I can only get in using "Explore". Thanks in advance for your help.
Use Flash Disinfector.
Show the OTL logs.
(On Windows Vista, run the program using the Run as Administrator menu option… )
Paste the logs on wklej.org or wklej.to, and put the link in your post.
Many thanks, deFco247, Flash Disinfector helped.
This is caused by viruses. We have removed the effects, but not the cause.
Here are the logs:
OTL logfile created on: 2009-08-07 11:48:16 - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Documents and Settings\Maciek\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,32% Memory free
3,85 Gb Paging File | 3,34 Gb Available in Paging File | 86,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 2,58 Gb Free Space | 8,81% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 23,30 Gb Free Space | 19,45% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MACIEK-C0B8CE01
Current User Name: Maciek
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2007-06-13 15:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008-07-23 17:51:26 | 16,804,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2008-06-18 19:01:56 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009-02-05 23:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-07-06 21:26:04 | 01,700,992 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlvknlg.exe
PRC - [2009-07-09 17:29:12 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2004-10-13 18:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2006-03-04 18:40:30 | 00,882,176 | ---- | M] () -- D:\Programy\Kalendarz XP\Kalendarz.exe
PRC - [2005-11-09 17:54:00 | 00,589,824 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2009-07-09 17:29:12 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-10-07 14:33:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
PRC - [2006-03-02 14:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe
PRC - [2009-02-06 18:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2006-12-01 12:46:06 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmplayer.exe
PRC - [2009-08-04 07:56:37 | 00,307,704 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla Firefox\firefox.exe
PRC - [2008-03-20 12:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- D:\Programy\Gadu-Gadu\gg.exe
PRC - [2009-08-07 11:47:16 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maciek\Pulpit\OTL.exe
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2006-08-16 13:59:43 | 00,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\6to4svc.dll -- (6to4 [Auto | Running])
SRV - [2009-04-08 20:48:28 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2005-09-23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009-02-05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009-02-05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009-02-05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009-02-05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2005-09-23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2006-03-02 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004-08-04 01:44:02 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])
SRV - [2009-07-09 17:29:12 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008-10-07 14:33:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
SRV - [2004-03-18 17:55:48 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [On_Demand | Stopped])
SRV - [2006-03-02 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (uploadmgr [Auto | Stopped])
SRV - [2006-12-01 12:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009-02-05 23:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2008-07-30 07:51:30 | 00,277,736 | ---- | M] (Protect Software GmbH) -- C:\WINDOWS\System32\drivers\acedrv11.sys -- (acedrv11 [Auto | Running])
DRV - [2008-12-15 21:51:56 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys -- (AegisP [Auto | Running])
DRV - [2006-06-19 00:51:32 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [System | Running])
DRV - [2009-02-05 23:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009-02-05 23:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009-02-05 23:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009-02-05 23:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009-02-05 23:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2000-06-29 17:24:14 | 00,003,584 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\DLPortIO.SYS -- (DLPortIO [On_Demand | Stopped])
DRV - [2008-12-15 21:41:53 | 00,015,600 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped])
DRV - [2009-06-28 22:58:00 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])
DRV - [2005-01-07 18:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
DRV - [2004-06-21 22:35:12 | 00,051,088 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped])
DRV - [2004-06-21 22:35:12 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
DRV - [2005-10-21 20:52:48 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
DRV - [2008-07-24 19:02:44 | 04,749,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006-02-17 21:34:10 | 00,058,288 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k510bus.sys -- (k510bus [On_Demand | Stopped])
DRV - [2006-02-17 21:34:15 | 00,008,336 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k510mdfl.sys -- (k510mdfl [On_Demand | Stopped])
DRV - [2006-02-17 21:34:17 | 00,094,064 | R--- | M] (MCCI) -- C:\WINDOWS\System32\DRIVERS\k510mdm.sys -- (k510mdm [On_Demand | Stopped])
DRV - [2008-10-07 14:33:00 | 06,133,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])
DRV - [2006-03-02 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2005-10-27 16:06:00 | 00,356,096 | ---- | M] (Ralink Technology Inc.) -- C:\WINDOWS\System32\DRIVERS\RT61.sys -- (RT61 [On_Demand | Running])
DRV - [2007-11-13 12:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2008-12-16 16:33:28 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2006-07-24 17:05:00 | 00,005,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2001-08-17 22:49:10 | 00,026,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\System32\DRIVERS\irstusb.sys -- (STIrUsb [On_Demand | Stopped])
DRV - [2007-03-16 11:11:38 | 00,012,256 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel [Auto | Running])
DRV - [2008-06-20 11:52:06 | 00,225,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys -- (Tcpip6 [System | Running])
DRV - [2004-04-14 12:08:00 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\WmBEnum.sys -- (WmBEnum [On_Demand | Running])
DRV - [2004-04-14 12:08:00 | 00,021,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\WmFilter.sys -- (WmFilter [On_Demand | Stopped])
DRV - [2004-04-14 12:08:00 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\WmVirHid.sys -- (WmVirHid [On_Demand | Stopped])
DRV - [2004-04-14 12:08:00 | 00,044,064 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\WmXlCore.sys -- (WmXlCore [On_Demand | Running])
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-606747145-688789844-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-606747145-688789844-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-606747145-688789844-725345543-1004\S-1-5-21-606747145-688789844-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "www.interia.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {b9615918-d3de-44a4-ab65-76df7ea1f1c1}:0.3.8
FF - prefs.js..extensions.enabledItems: undoclosedtabsbutton@supernova00.biz:3.0.3
FF - prefs.js..extensions.enabledItems: {3713a489-0634-4472-8456-dc7abd7eba00}:1.2.2
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.66
FF - prefs.js..extensions.enabledItems: {9864f3b8-68ba-463e-9589-20a4da429bb7}:1.1
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-07-09 17:29:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: D:\Programy\Mozilla Firefox\components [2009-08-05 00:48:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2009-08-04 07:56:40 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: D:\Programy\Mozilla Thunderbird\components [2009-06-26 23:01:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: D:\Programy\Mozilla Thunderbird\plugins [2008-12-19 00:06:37 | 00,000,000 | ---D | M]
[2008-12-15 22:15:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Extensions
[2008-12-15 22:15:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009-08-07 11:04:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions
[2009-03-30 07:02:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\{3713a489-0634-4472-8456-dc7abd7eba00}
[2008-12-24 22:34:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\{9864f3b8-68ba-463e-9589-20a4da429bb7}
[2009-08-06 10:07:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009-06-28 22:40:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\{b9615918-d3de-44a4-ab65-76df7ea1f1c1}
[2009-07-23 12:11:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-06-28 21:11:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\chromifox@altmusictv.com
[2008-12-24 22:27:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\mozilla\Firefox\Profiles\rygvoe44.default\extensions\undoclosedtabsbutton@supernova00.biz
O1 HOSTS File: (802 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.the-west.pl
O1 - Hosts: 127.0.0.1 the-west.pl
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-606747145-688789844-725345543-1004\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-606747145-688789844-725345543-1004\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - C:\Program Files\Kwyshell\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledge\rlvknlg.exe (TMRG, Inc.)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-606747145-688789844-725345543-1004..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-606747145-688789844-725345543-1004..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Kalendarz XP.lnk = D:\Programy\Kalendarz XP\Kalendarz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-688789844-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-688789844-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-606747145-688789844-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-606747145-688789844-725345543-1004_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab (ewidoOnlineScan Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.srtest.com/srl_bin/sysreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-18 11:21:48 | 00,000,057 | RHS- | M] () - C:\autorun.inf -- [NTFS]
O32 - AutoRun File - [2009-06-18 11:21:48 | 00,000,057 | RHS- | M] () - D:\autorun.inf -- [NTFS]
O33 - MountPoints2\{1cbdc1f8-cd00-11dd-b6c1-000e2e8a6bbd}\Shell\AutoRun\command - "" = L:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{1cbdc1f8-cd00-11dd-b6c1-000e2e8a6bbd}\Shell\open\command - "" = L:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe -- File not found
O33 - MountPoints2\{bfb8f314-cae4-11dd-86a8-806d6172696f}\Shell\AutoRun\command - "" = gpcdt.cmd
O33 - MountPoints2\{bfb8f314-cae4-11dd-86a8-806d6172696f}\Shell\open\Command - "" = gpcdt.cmd
O33 - MountPoints2\{ca36edc1-cae2-11dd-b6b2-000e2e8a6bbd}\Shell\AutoRun\command - "" = I:\gpcdt.cmd -- File not found
O33 - MountPoints2\{ca36edc1-cae2-11dd-b6b2-000e2e8a6bbd}\Shell\open\Command - "" = I:\gpcdt.cmd -- File not found
O33 - MountPoints2\{ca36edc5-cae2-11dd-b6b2-000e2e8a6bbd}\Shell - "" = AutoRun
O33 - MountPoints2\{ca36edc5-cae2-11dd-b6b2-000e2e8a6bbd}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ca36edc6-cae2-11dd-b6b2-000e2e8a6bbd}\Shell\AutoRun\command - "" = gpcdt.cmd
O33 - MountPoints2\{ca36edc6-cae2-11dd-b6b2-000e2e8a6bbd}\Shell\open\Command - "" = gpcdt.cmd
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[7 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009-08-07 11:47:13 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Maciek\Pulpit\OTL.exe
[2009-08-06 12:55:28 | 00,132,597 | ---- | C] () -- C:\Documents and Settings\Maciek\Pulpit\Flash_Disinfector.exe
[2009-08-03 12:29:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\Nowy folder (5)
[2009-08-02 08:05:55 | 00,000,520 | ---- | C] () -- C:\Documents and Settings\Maciek\Moje dokumenty\spider.sav
[2009-07-30 14:00:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\OpenOffice
[2009-07-27 10:16:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\168in1 (www.pegasus-gry.com)
[2009-07-27 00:57:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Dane aplikacji\temp
[2009-07-27 00:57:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Moje dokumenty\FIFA Manager 09
[2009-07-26 19:41:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\RockNESX www.pegasus-gry.com
[2009-07-26 19:41:02 | 00,552,685 | ---- | C] () -- C:\Documents and Settings\Maciek\Pulpit\RockNESX www.pegasus-gry.com.rar
[2009-07-26 19:36:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\Fceultra v0.98.12 [pl] www.pegasus-gry.com
[2009-07-26 19:36:19 | 00,214,173 | ---- | C] () -- C:\Documents and Settings\Maciek\Pulpit\Fceultra v0.98.12 [pl] www.pegasus-gry.com.rar
[2009-07-26 18:54:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\RockNES X
[2009-07-26 18:54:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\Gry NES
[2009-07-26 15:56:26 | 00,618,201 | ---- | C] () -- C:\Documents and Settings\Maciek\Pulpit\RockNES X.zip
[2009-07-20 22:12:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Pulpit\b.n.t
[2009-07-20 14:14:13 | 00,202,240 | ---- | C] (ScreenTime Media) -- C:\WINDOWS\System32\screensaver_pl.scr
[2009-07-20 14:14:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\screensaver_pl dir
[2009-07-09 17:29:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009-07-09 17:29:06 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009-07-09 17:27:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Maciek\Dane aplikacji\Sun
[2009-06-04 21:56:23 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon2k.dll
[2009-05-09 09:07:53 | 03,086,336 | ---- | C] () -- C:\WINDOWS\System32\NCMedia.dll
[2009-05-09 09:07:53 | 03,086,336 | ---- | C] () -- C:\WINDOWS\System32\flvvideo.dll
[2009-05-09 09:07:53 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2009-04-19 21:18:01 | 00,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009-03-18 23:33:16 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-03-18 23:33:12 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-03-18 23:33:12 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-03-18 23:33:12 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-03-18 23:33:10 | 00,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-03-18 23:33:10 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-03-12 16:17:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2009-02-13 22:30:47 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009-01-27 15:01:42 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATFFDrv.dll
[2009-01-11 21:01:35 | 00,100,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\VBoxDrv.sys
[2009-01-03 21:18:47 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009-01-02 20:04:25 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008-12-16 16:33:28 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008-12-15 22:03:33 | 00,000,541 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008-12-15 21:53:14 | 00,000,558 | ---- | C] () -- C:\WINDOWS\DFC.INI
[2008-12-15 21:52:03 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\Install6x.dll
[2008-12-15 21:46:57 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008-12-15 21:46:56 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008-12-15 21:46:56 | 01,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008-12-15 21:46:56 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008-12-15 21:46:56 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-06-11 10:02:34 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008-06-11 10:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-06-11 10:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008-06-11 10:02:32 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008-06-05 09:58:26 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2006-03-02 14:00:00 | 00,000,638 | ---- | C] () -- C:\WINDOWS\win.ini
[2006-03-02 14:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2000-06-29 17:24:14 | 00,003,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\DLPORTIO.SYS
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[7 C:\WINDOWS\System32\*.tmp files]
[6 C:\WINDOWS\*.tmp files]
[2009-08-07 11:47:16 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maciek\Pulpit\OTL.exe
[2009-08-07 10:21:50 | 00,001,204 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
[2009-08-07 09:23:25 | 00,193,314 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009-08-07 09:23:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009-08-07 09:23:17 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009-08-07 08:09:07 | 32,593,994 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\Foty.zip
[2009-08-07 00:30:38 | 02,109,400 | -H-- | M] () -- C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-08-07 00:15:34 | 00,119,808 | ---- | M] () -- C:\Documents and Settings\Maciek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-08-06 12:55:29 | 00,132,597 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\Flash_Disinfector.exe
[2009-08-03 17:21:58 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-02 08:05:55 | 00,000,520 | ---- | M] () -- C:\Documents and Settings\Maciek\Moje dokumenty\spider.sav
[2009-07-27 07:15:20 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009-07-26 19:41:02 | 00,552,685 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\RockNESX www.pegasus-gry.com.rar
[2009-07-26 19:36:19 | 00,214,173 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\Fceultra v0.98.12 [pl] www.pegasus-gry.com.rar
[2009-07-26 15:56:26 | 00,618,201 | ---- | M] () -- C:\Documents and Settings\Maciek\Pulpit\RockNES X.zip
[2009-07-22 12:49:17 | 00,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2009-07-22 12:49:17 | 00,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2009-07-20 14:14:13 | 00,202,240 | ---- | M] (ScreenTime Media) -- C:\WINDOWS\System32\screensaver_pl.scr
[color=#E56717]========== LOP Check ==========[/color]
[2008-12-15 22:21:46 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2009-07-21 23:47:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji
[2008-12-16 23:30:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2009-06-04 22:34:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Iceni
[2009-03-09 15:21:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2008-12-16 15:31:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonSystemWorks
[2009-07-20 17:20:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2009-01-27 16:23:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Test Drive Unlimited
[2008-12-15 22:21:46 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji
[2008-12-15 21:35:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji
[2009-07-27 00:57:43 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji
[2008-12-22 12:42:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\2K Sports
[2009-01-09 23:45:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Ahead
[2008-12-26 14:33:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Auslogics
[2009-04-08 23:24:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\CadSoft
[2008-12-16 23:43:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\DAEMON Tools
[2008-12-17 19:43:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\DAEMON Tools Lite
[2008-12-16 23:43:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\DAEMON Tools Pro
[2009-04-12 15:39:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Disney Interactive Studios
[2008-12-15 22:47:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Gadu-Gadu
[2009-01-02 11:36:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\GanymedeNet
[2009-07-18 22:36:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\gtk-2.0
[2009-07-29 10:21:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Hamachi
[2009-06-04 22:34:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Iceni
[2009-03-24 10:15:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\ipla
[2008-12-17 19:56:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Leadertech
[2008-12-15 23:52:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\OpenOffice.org
[2009-02-01 14:07:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\ProtectDisc
[2009-02-13 22:33:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Samsung
[2009-01-27 14:27:57 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\SecuROM
[2009-05-26 21:48:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\teamspeak2
[2009-07-29 15:47:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\temp
[2009-06-15 22:27:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\The Creative Assembly
[2008-12-16 16:20:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\Thunderbird
[2009-07-10 13:28:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\U3
[2009-06-22 16:10:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\uTorrent
[2009-07-17 19:16:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Maciek\Dane aplikacji\VSO
[2008-12-15 21:35:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji
[2006-03-02 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009-08-07 10:21:50 | 00,001,204 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUser.job
[2009-08-07 09:23:22 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8CE646EE
< End of report >
Paste logs on wklej.org or wklej.to, and put the link in your post.
Basically, no infection is visible here…
In Custom Scans/Fixes in OTL, paste:
Run Fix. Restart if necessary.
After that, click CleanUp.
Clean the registry and disk with CCleaner.
Remove unnecessary items from autostart.
Run a full scan with DR WEB CureIt.
If there are viruses, show the report.
Yes. Definitely a virus. Do you have an autorun.inf file on that partition? If you don't see it, go into Folder Options and on the “View” tab select show hidden files and folders and uncheck hide protected operating system files, then click “Apply” and check whether you have it.