Win32 malware-gen

Hello, I have a problem with the Win32 malware-gen virus.

I have Avast Free AV and PC Tools Firewall Plus.

I scan the computer with Avast and delete the files, but after a moment the problem comes back.

I'm attaching screenshots from the scan:

http://img708.yfrog.com/img708/6811/capture1ky.jpg

I'll also add a screenshot from Firefox, which notifies me that I must remove this program for security reasons:

http://img687.yfrog.com/img687/1545/capture2r.jpg

Please help.

Cendo

  1. Turn System Restore off and back on for all drives. Instructions

  2. http://www.dobreprogramy.pl/Niebezpiecz … 17704.html Please update Java.

  3. Download OTL otl-gmer-rsit-dds-inne-instrukcje-t370405.html Scan the system and post the log on the forum.

Re 1: in progress

Re 2: done, thank you

Re 3: could it be HijackThis.exe instead, and I'll paste the log from that?

HJT won't show what I'd like to see, so it has to be OTL; besides, it is the basic log in this section.

OTL logfile created on: 2010-04-22 15:12:58 - Run 1

OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\Chryscienko\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


1 023,00 Mb Total Physical Memory | 545,00 Mb Available Physical Memory | 53,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 14,63 Gb Total Space | 5,80 Gb Free Space | 39,64% Space Free | Partition Type: FAT32

Drive D: | 59,87 Gb Total Space | 15,33 Gb Free Space | 25,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: DOM

Current User Name: Chryscienko

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


========== Processes (All) ==========


PRC - [2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

PRC - [2010-04-22 14:59:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2010-04-14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010-04-02 11:59:54 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Firefox 3.0\firefox.exe

PRC - [2010-03-09 16:31:04 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- D:\uTorrent\utorrent.exe

PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

PRC - [2010-01-12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

PRC - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe

PRC - [2008-05-16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe

PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe

PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe

PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe

PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe

PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe

PRC - [2007-04-02 14:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe

PRC - [2006-06-19 18:19:26 | 000,253,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe

PRC - [2005-04-27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe

PRC - [2004-08-10 22:05:14 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

PRC - [1999-12-13 09:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE



========== Modules (All) ==========


MOD - [2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

MOD - [2010-04-22 14:03:14 | 000,088,064 | RHS- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Temp\nodqq0.dll

MOD - [2008-10-23 13:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll

MOD - [2008-10-16 02:02:56 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll

MOD - [2008-06-17 20:03:16 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll

MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv

MOD - [2008-04-14 22:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll

MOD - [2008-04-14 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll

MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll

MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll

MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll

MOD - [2008-04-14 22:50:58 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll

MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll

MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll

MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll

MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll

MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll

MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll

MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll

MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll

MOD - [2008-04-14 22:50:46 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll

MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll

MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll

MOD - [2008-04-14 22:50:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll

MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll

MOD - [2008-04-14 22:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll

MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll

MOD - [2008-04-14 22:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll

MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll

MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll

MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll

MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll



========== Win32 Services (SafeList) ==========


SRV - File not found [Auto | Stopped] -- -- (aawservice)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)

SRV - [2007-04-02 14:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)

SRV - [2007-03-26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2005-04-27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)



========== Driver Services (SafeList) ==========


DRV - [2010-04-14 18:35:48 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010-04-14 18:35:26 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2010-04-14 18:31:40 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010-04-14 18:31:02 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010-04-14 18:30:46 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010-01-13 08:59:28 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)

DRV - [2010-01-12 09:34:14 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)

DRV - [2010-01-07 12:40:26 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)

DRV - [2010-01-07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)

DRV - [2009-11-23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)

DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)

DRV - [2008-09-15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2008-09-15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2008-09-15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2008-09-15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2008-08-02 14:45:36 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2008-05-16 14:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2007-08-12 10:27:06 | 000,009,344 | ---- | M] (Lavasoft AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)

DRV - [2006-08-09 22:09:54 | 000,064,625 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gmer.sys -- (Gmer)

DRV - [2006-08-08 21:43:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)

DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)

DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)

DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)

DRV - [2003-01-06 13:28:00 | 000,743,136 | R--- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)

DRV - [2002-12-05 06:01:00 | 000,241,664 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)

DRV - [2002-12-05 06:01:00 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)

DRV - [2002-09-23 04:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)

DRV - [2002-09-06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)

DRV - [2002-06-20 18:45:44 | 000,013,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)

DRV - [2002-06-20 18:45:42 | 000,020,128 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2002-06-20 18:45:40 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2002-06-20 18:45:36 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2002-06-20 18:45:34 | 000,039,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2002-06-06 11:14:32 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)

DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)



========== Standard Registry (SafeList) ==========



========== Internet Explorer ==========


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local


========== FireFox ==========


FF - prefs.js..browser.search.order.1: "Google"

FF - prefs.js..browser.search.order.11: "Filmweb"

FF - prefs.js..browser.search.order.2: "Allegro"

FF - prefs.js..browser.search.order.3: "YouTube"

FF - prefs.js..browser.search.order.4: "IsoHunt Bit Torrent"

FF - prefs.js..browser.search.order.5: "TorrentSpy"

FF - prefs.js..browser.search.order.6: "Napisy"

FF - prefs.js..browser.search.order.7: "Wikipedia"

FF - prefs.js..browser.search.order.8: "Filmweb"

FF - prefs.js..browser.search.selectedEngine: "isoHunt - BitTorrent"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2

FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {961408A3-C970-4577-970A-D97C29839A67}:1.3.5



FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Firefox 3.0\components [2010-04-02 20:03:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Firefox 3.0\plugins [2010-04-22 14:59:46 | 000,000,000 | ---D | M]


[2008-06-18 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Extensions

[2005-10-22 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions

[2010-01-28 23:12:52 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010-04-15 08:51:22 | 000,000,000 | ---D | M] (Charamel) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{961408A3-C970-4577-970A-D97C29839A67}

[2005-10-22 10:09:02 | 000,000,000 | ---D | M] (PimpZilla 2.0) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{9w50ge7w-88c1-4wcg-bxg9-90g1a5d31c3z}

[2010-01-29 15:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}

[2010-01-10 17:59:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009-10-16 23:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2005-12-01 00:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\Longfiber

[2008-12-07 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\moveplayer@movenetworks.com

[2010-04-15 08:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\silvermelxt@pardal.de

[2010-01-29 15:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\tron@trionic.net

[2006-11-07 22:00:32 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\filmweb.xml

[2008-05-29 17:52:36 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\youtube.xml

[2008-05-29 17:52:38 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\isohuntBT.xml


O1 HOSTS File: ([2006-08-11 10:15:32 | 000,001,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Chryscienko\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTClk\NVRTClk.exe ()

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)

O4 - HKCU..\Run: [nod32] C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Temp\nodqq.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Easy-WebPrint Add To Print List - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint High Speed Print - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Preview - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Print - D:\Canon\Easy-WebPrint\Resource.dll ()

O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.205 212.76.39.211

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Chryscienko\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chryscienko\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004-06-22 17:21:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [FAT32]

O32 - AutoRun File - [2010-04-22 15:13:16 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [FAT32]

O32 - AutoRun File - [2010-04-22 15:13:15 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [NTFS]

O33 - MountPoints2\{0033aaa4-7e71-11dc-bc07-0010dcfda8e3}\Shell\AutoRun\command - "" = WDSetup.exe

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell - "" = AutoRun

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell\1\Command - "" = F:\Recycle.exe -- File not found

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell\2\Command - "" = F:\Recycle.exe -- File not found

O33 - MountPoints2\{34b03d06-22e9-11df-b4be-0010dcfda8e3}\Shell\AutoRun\command - "" = qphdin.com

O33 - MountPoints2\{34b03d06-22e9-11df-b4be-0010dcfda8e3}\Shell\open\Command - "" = qphdin.com

O33 - MountPoints2\{542e7164-49f7-11dd-a5f3-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{791771b0-abdb-11dd-a8c1-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{878366da-83cc-11dc-a063-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{8dac28e8-8f00-11dd-a7d8-0010dcfda8e3}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe

O33 - MountPoints2\{8dac28e8-8f00-11dd-a7d8-0010dcfda8e3}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\autorun\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\explore\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\open\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{a395d6dc-fa5e-11db-b7cf-0090d0a65cc5}\Shell\Auto\command - "" = AdobeR.exe e

O33 - MountPoints2\{a7988a10-9c0e-11dd-a83a-0010dcfda8e3}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{a7988a10-9c0e-11dd-a83a-0010dcfda8e3}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{b8faee58-c01b-11dc-a209-0010dcfda8e3}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{b8faee58-c01b-11dc-a209-0010dcfda8e3}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{e7e02c16-337c-11df-b548-0010dcfda8e3}\Shell\AutoRun\command - "" = H:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{e7e02c16-337c-11df-b548-0010dcfda8e3}\Shell\open\Command - "" = H:\ysyjq1bs.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2004-06-22 17:07:32 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found


MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found

MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found

MsConfig - StartUpReg: NVRTCLK - hkey= - key= - File not found

MsConfig - StartUpReg: nwiz - hkey= - key= - File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2


SafeBootMin: aawservice - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


SafeBootNet: aawservice - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2010-04-22 15:11:25 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

[2010-04-22 14:59:46 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010-04-22 14:59:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-04-22 14:59:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-04-22 14:59:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-04-22 14:33:48 | 000,000,000 | ---D | C] -- D:\Moje dokumenty\Pobieranie

[2010-04-22 12:56:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chryscienko\Recent

[2010-04-21 12:47:52 | 000,162,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-04-21 12:47:52 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-04-21 12:47:51 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-04-21 12:47:51 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-04-21 12:47:49 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-04-21 12:47:49 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-04-21 12:47:49 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-04-21 12:47:33 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-04-21 12:47:33 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-04-21 12:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software

[2010-04-21 12:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2010-04-20 15:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PCToolsFirewallPlus

[2010-04-20 15:29:59 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010-04-20 15:29:59 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010-04-20 15:29:58 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010-04-20 15:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-04-20 15:29:40 | 000,070,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2010-04-20 15:29:40 | 000,058,816 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2010-04-20 15:29:40 | 000,032,680 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys

[2010-04-20 15:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010-04-20 15:29:38 | 000,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys

[2010-04-20 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus

[2010-04-20 14:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Malwarebytes

[2010-04-20 14:15:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-04-20 14:15:18 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-04-20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-04-20 14:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2010-03-31 09:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2010-04-22 15:16:38 | 000,000,063 | RHS- | M] () -- C:\autorun.inf

[2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

[2010-04-22 14:59:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010-04-22 14:59:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-04-22 14:59:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-04-22 14:59:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-04-22 14:59:36 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2010-04-22 14:03:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-04-22 14:03:14 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010-04-22 14:03:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-04-22 14:03:00 | 025,690,112 | ---- | M] () -- C:\Documents and Settings\Chryscienko\ntuser.dat

[2010-04-22 14:03:00 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Chryscienko\ntuser.ini

[2010-04-21 22:24:08 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-04-21 18:24:32 | 000,128,512 | RHS- | M] () -- C:\vgyn6ewc.exe

[2010-04-21 12:47:54 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2010-04-21 12:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010-04-21 12:17:14 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk

[2010-04-21 08:59:42 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-04-21 00:28:02 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_DOM_Chryscienko.job

[2010-04-20 14:15:24 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-04-15 11:42:48 | 000,002,525 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\Microsoft Word.lnk

[2010-04-14 18:47:24 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-04-14 18:47:04 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-04-14 18:35:48 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-04-14 18:35:26 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-04-14 18:31:40 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-04-14 18:31:10 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-04-14 18:31:02 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-04-14 18:30:46 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-04-08 13:11:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-04-05 13:32:46 | 065,165,471 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\TheFresh_MixtapeVol1.zip

[2010-03-30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-03-30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-03-29 12:56:56 | 000,001,390 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\Kalkulator.lnk

[2010-03-28 08:46:00 | 000,263,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-03-26 23:40:00 | 006,416,084 | -H-- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2010-04-21 18:24:58 | 000,128,512 | RHS- | C] () -- C:\vgyn6ewc.exe

[2010-04-21 12:47:53 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2010-04-20 23:10:39 | 000,000,063 | RHS- | C] () -- C:\autorun.inf

[2010-04-20 15:29:59 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010-04-20 15:29:59 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010-04-20 15:29:58 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010-04-20 15:29:40 | 000,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat

[2010-04-20 15:29:40 | 000,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat

[2010-04-20 15:29:38 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat

[2010-04-20 14:15:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-04-05 13:06:54 | 065,165,471 | ---- | C] () -- C:\Documents and Settings\Chryscienko\Pulpit\TheFresh_MixtapeVol1.zip

[2009-05-18 00:01:37 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI

[2009-05-14 13:49:48 | 000,000,153 | ---- | C] () -- C:\WINDOWS\cavscan.INI

[2008-08-02 14:38:17 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2008-05-16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008-05-16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008-05-16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008-05-16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2006-08-09 22:09:52 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini

[2006-08-08 21:43:39 | 000,052,858 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys

[2006-08-08 21:43:18 | 000,027,219 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys

[2006-06-21 18:45:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll

[2006-06-12 20:31:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Drukarz.INI

[2006-03-09 15:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2006-03-09 15:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll

[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

[2005-12-03 20:19:45 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2005-11-26 14:28:26 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll

[2005-10-01 14:03:31 | 000,000,256 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005-09-30 13:31:06 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI

[2005-08-26 12:20:20 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys

[2005-05-04 15:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

[2005-05-04 15:45:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL

[2005-04-19 22:29:58 | 000,000,018 | ---- | C] () -- C:\WINDOWS\Winzip32.ini

[2004-10-12 20:29:52 | 000,001,993 | ---- | C] () -- C:\WINDOWS\Okna.INI

[2004-10-12 20:27:37 | 000,000,356 | ---- | C] () -- C:\WINDOWS\Bazy.INI

[2004-10-09 17:05:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll

[2004-07-16 12:42:31 | 000,000,398 | ---- | C] () -- C:\WINDOWS\CoverDes.INI

[2004-07-12 20:08:54 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini

[2004-06-30 11:43:40 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini

[2004-06-22 20:19:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004-06-22 18:45:16 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004-06-22 18:19:27 | 000,005,607 | R--- | C] () -- C:\WINDOWS\System32\stci.dll

[2003-03-25 06:49:02 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2001-10-28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll


[color=#E56717]========== LOP Check ==========[/color]


[2005-10-26 14:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kazaa Lite

[2006-08-08 21:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA

[2007-07-30 20:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations

[2007-07-30 20:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2007-07-30 20:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2008-06-21 10:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2009-10-24 16:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2010-03-08 15:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure

[2010-03-08 15:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\fssg

[2010-04-20 15:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-04-21 12:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2005-06-29 18:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PDFCreator

[2006-04-18 18:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PEX

[2007-02-07 11:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\uTorrent

[2007-07-30 20:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PC Suite

[2007-07-30 20:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nokia

[2007-07-30 20:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nokia Multimedia Player

[2008-08-02 14:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Samsung

[2009-03-20 10:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nowe Gadu-Gadu

[2009-08-27 20:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\RayV

[2009-10-24 16:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\OpenFM

[2010-04-20 15:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PCToolsFirewallPlus

[2010-04-21 00:28:02 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_DOM_Chryscienko.job


[color=#E56717]========== Purity Check ==========[/color]




[color=#E56717]========== Custom Scans ==========[/color]



[color=#A23BEC]< %systemdrive%\*.* >[/color]

[2008-05-07 22:24:26 | 000,251,152 | -HS- | M] () -- C:\ntldr

[2010-04-22 14:03:06 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004-09-22 09:08:32 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2006-03-02 16:57:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2004-06-22 17:21:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2004-06-22 17:21:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2004-06-22 17:21:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2004-06-22 17:21:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010-04-22 15:17:02 | 000,000,063 | RHS- | M] () -- C:\autorun.inf

[2010-04-21 18:24:32 | 000,128,512 | RHS- | M] () -- C:\vgyn6ewc.exe



[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004-08-04 08:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys


[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys


[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]

[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys

[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys


[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys


[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]

[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtUninstallKB826942$\ndis.sys

[2004-08-04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys


[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]

[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

[2004-08-04 09:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe


[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]

[2004-08-04 09:44:28 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

Paste into the Custom Scans/Fixes window in OTL:

Click Run Fix. If necessary, restart the computer. Post the removal log on the forum.

Then run OTL again, click Run Scan once more, and post the new log on the forum. That makes two logs: one from the removal and one from the new scan after the removal.

After I pasted the text into Custom Scan and clicked Run Fix, my computer RESTARTED IMMEDIATELY. Was that supposed to happen???

Now I will do Run Scan with the program's previous settings.

Yes. Didn't a log appear after the removal?

No.

Check the C:\_OTL folder. After that, run OTL, click Run Scan, and when the scan finishes post the new log on the forum.

OTL logfile created on: 2010-04-22 15:56:32 - Run 2

OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\Chryscienko\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


1 023,00 Mb Total Physical Memory | 624,00 Mb Available Physical Memory | 61,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 14,63 Gb Total Space | 5,95 Gb Free Space | 40,64% Space Free | Partition Type: FAT32

Drive D: | 59,87 Gb Total Space | 15,33 Gb Free Space | 25,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: DOM

Current User Name: Chryscienko

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


[color=#E56717]========== Processes (All) ==========[/color]


PRC - [2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

PRC - [2010-04-22 14:59:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2010-04-14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010-04-02 11:59:54 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Firefox 3.0\firefox.exe

PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

PRC - [2010-01-12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

PRC - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe

PRC - [2008-05-16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe

PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe

PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe

PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe

PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe

PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe

PRC - [2007-04-02 14:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe

PRC - [2006-06-19 18:19:26 | 000,253,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe

PRC - [2005-04-27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe

PRC - [2004-08-10 22:05:14 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

PRC - [1999-12-13 09:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE



[color=#E56717]========== Modules (All) ==========[/color]


MOD - [2010-04-22 15:39:08 | 000,088,064 | RHS- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Temp\nodqq0.dll

MOD - [2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

MOD - [2008-10-23 13:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll

MOD - [2008-10-16 02:02:56 | 000,668,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll

MOD - [2008-06-17 20:03:16 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll

MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv

MOD - [2008-04-14 22:51:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll

MOD - [2008-04-14 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll

MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll

MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll

MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll

MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll

MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll

MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll

MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll

MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll

MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll

MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll

MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll

MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll

MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll

MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll

MOD - [2008-04-14 22:50:38 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll

MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll

MOD - [2008-04-14 22:50:18 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll

MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll

MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll

MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll

MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - File not found [Auto | Stopped] -- -- (aawservice)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)

SRV - [2007-04-02 14:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)

SRV - [2007-03-26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2005-04-27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)



========== Driver Services (SafeList) ==========


DRV - [2010-04-14 18:35:48 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010-04-14 18:35:26 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2010-04-14 18:31:40 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010-04-14 18:31:02 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010-04-14 18:30:46 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010-01-13 08:59:28 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)

DRV - [2010-01-12 09:34:14 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)

DRV - [2010-01-07 12:40:26 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)

DRV - [2010-01-07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)

DRV - [2009-11-23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)

DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)

DRV - [2008-09-15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2008-09-15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2008-09-15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2008-09-15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2008-08-02 14:45:36 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2008-05-16 14:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2007-08-12 10:27:06 | 000,009,344 | ---- | M] (Lavasoft AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)

DRV - [2006-08-09 22:09:54 | 000,064,625 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gmer.sys -- (Gmer)

DRV - [2006-08-08 21:43:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)

DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)

DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)

DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)

DRV - [2003-01-06 13:28:00 | 000,743,136 | R--- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)

DRV - [2002-12-05 06:01:00 | 000,241,664 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)

DRV - [2002-12-05 06:01:00 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)

DRV - [2002-09-23 04:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)

DRV - [2002-09-06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)

DRV - [2002-06-20 18:45:44 | 000,013,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)

DRV - [2002-06-20 18:45:42 | 000,020,128 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2002-06-20 18:45:40 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2002-06-20 18:45:36 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2002-06-20 18:45:34 | 000,039,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2002-06-06 11:14:32 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)

DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)



========== Standard Registry (SafeList) ==========



========== Internet Explorer ==========


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local


========== FireFox ==========


FF - prefs.js..browser.search.order.1: "Google"

FF - prefs.js..browser.search.order.11: "Filmweb"

FF - prefs.js..browser.search.order.2: "Allegro"

FF - prefs.js..browser.search.order.3: "YouTube"

FF - prefs.js..browser.search.order.4: "IsoHunt Bit Torrent"

FF - prefs.js..browser.search.order.5: "TorrentSpy"

FF - prefs.js..browser.search.order.6: "Napisy"

FF - prefs.js..browser.search.order.7: "Wikipedia"

FF - prefs.js..browser.search.order.8: "Filmweb"

FF - prefs.js..browser.search.selectedEngine: "isoHunt - BitTorrent"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2

FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {961408A3-C970-4577-970A-D97C29839A67}:1.3.5



FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Firefox 3.0\components [2010-04-02 20:03:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Firefox 3.0\plugins [2010-04-22 14:59:46 | 000,000,000 | ---D | M]


[2008-06-18 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Extensions

[2005-10-22 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions

[2010-01-28 23:12:52 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010-04-15 08:51:22 | 000,000,000 | ---D | M] (Charamel) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{961408A3-C970-4577-970A-D97C29839A67}

[2005-10-22 10:09:02 | 000,000,000 | ---D | M] (PimpZilla 2.0) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{9w50ge7w-88c1-4wcg-bxg9-90g1a5d31c3z}

[2010-01-29 15:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}

[2010-01-10 17:59:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009-10-16 23:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2005-12-01 00:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\Longfiber

[2008-12-07 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\moveplayer@movenetworks.com

[2010-04-15 08:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\silvermelxt@pardal.de

[2010-01-29 15:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\tron@trionic.net

[2006-11-07 22:00:32 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\filmweb.xml

[2008-05-29 17:52:36 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\youtube.xml

[2008-05-29 17:52:38 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\isohuntBT.xml


O1 HOSTS File: ([2006-08-11 10:15:32 | 000,001,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Chryscienko\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTClk\NVRTClk.exe ()

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)

O4 - HKCU..\Run: [nod32] C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Temp\nodqq.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Easy-WebPrint Add To Print List - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint High Speed Print - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Preview - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Print - D:\Canon\Easy-WebPrint\Resource.dll ()

O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.205 212.76.39.211

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Chryscienko\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chryscienko\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004-06-22 17:21:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [FAT32]

O32 - AutoRun File - [2010-04-22 15:56:44 | 000,000,063 | RHS- | M] () - C:\autorun.inf -- [FAT32]

O32 - AutoRun File - [2010-04-22 15:56:43 | 000,000,063 | RHS- | M] () - D:\autorun.inf -- [NTFS]

O33 - MountPoints2\{0033aaa4-7e71-11dc-bc07-0010dcfda8e3}\Shell\AutoRun\command - "" = WDSetup.exe

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell - "" = AutoRun

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell\1\Command - "" = F:\Recycle.exe -- File not found

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell\2\Command - "" = F:\Recycle.exe -- File not found

O33 - MountPoints2\{34b03d06-22e9-11df-b4be-0010dcfda8e3}\Shell\AutoRun\command - "" = qphdin.com

O33 - MountPoints2\{34b03d06-22e9-11df-b4be-0010dcfda8e3}\Shell\open\Command - "" = qphdin.com

O33 - MountPoints2\{542e7164-49f7-11dd-a5f3-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{7750b750-c46d-11d8-b82e-806d6172696f}\Shell\AutoRun\command - "" = D:\vgyn6ewc.exe -- [2010-04-21 18:24:32 | 000,128,512 | RHS- | M] ()

O33 - MountPoints2\{7750b750-c46d-11d8-b82e-806d6172696f}\Shell\open\Command - "" = D:\vgyn6ewc.exe -- [2010-04-21 18:24:32 | 000,128,512 | RHS- | M] ()

O33 - MountPoints2\{7750b753-c46d-11d8-b82e-806d6172696f}\Shell\AutoRun\command - "" = C:\vgyn6ewc.exe -- [2010-04-21 18:24:32 | 000,128,512 | RHS- | M] ()

O33 - MountPoints2\{7750b753-c46d-11d8-b82e-806d6172696f}\Shell\open\Command - "" = C:\vgyn6ewc.exe -- [2010-04-21 18:24:32 | 000,128,512 | RHS- | M] ()

O33 - MountPoints2\{791771b0-abdb-11dd-a8c1-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{878366da-83cc-11dc-a063-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{8dac28e8-8f00-11dd-a7d8-0010dcfda8e3}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe

O33 - MountPoints2\{8dac28e8-8f00-11dd-a7d8-0010dcfda8e3}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\autorun\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\explore\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\open\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{a395d6dc-fa5e-11db-b7cf-0090d0a65cc5}\Shell\Auto\command - "" = AdobeR.exe e

O33 - MountPoints2\{a7988a10-9c0e-11dd-a83a-0010dcfda8e3}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{a7988a10-9c0e-11dd-a83a-0010dcfda8e3}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{b8faee58-c01b-11dc-a209-0010dcfda8e3}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{b8faee58-c01b-11dc-a209-0010dcfda8e3}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{e7e02c16-337c-11df-b548-0010dcfda8e3}\Shell\AutoRun\command - "" = H:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{e7e02c16-337c-11df-b548-0010dcfda8e3}\Shell\open\Command - "" = H:\ysyjq1bs.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2004-06-22 17:07:32 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found


MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found

MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found

MsConfig - StartUpReg: NVRTCLK - hkey= - key= - File not found

MsConfig - StartUpReg: nwiz - hkey= - key= - File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2


SafeBootMin: aawservice - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


SafeBootNet: aawservice - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


========== Files/Folders - Created Within 30 Days ==========


[2010-04-22 15:11:25 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

[2010-04-22 14:59:46 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010-04-22 14:59:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-04-22 14:59:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-04-22 14:59:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-04-22 14:33:48 | 000,000,000 | ---D | C] -- D:\Moje dokumenty\Pobieranie

[2010-04-22 12:56:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chryscienko\Recent

[2010-04-21 12:47:52 | 000,162,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-04-21 12:47:52 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-04-21 12:47:51 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-04-21 12:47:51 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-04-21 12:47:49 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-04-21 12:47:49 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-04-21 12:47:49 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-04-21 12:47:33 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-04-21 12:47:33 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-04-21 12:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software

[2010-04-21 12:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2010-04-20 15:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PCToolsFirewallPlus

[2010-04-20 15:29:59 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010-04-20 15:29:59 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010-04-20 15:29:58 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010-04-20 15:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-04-20 15:29:40 | 000,070,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2010-04-20 15:29:40 | 000,058,816 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2010-04-20 15:29:40 | 000,032,680 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys

[2010-04-20 15:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010-04-20 15:29:38 | 000,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys

[2010-04-20 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus

[2010-04-20 14:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Malwarebytes

[2010-04-20 14:15:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-04-20 14:15:18 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-04-20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-04-20 14:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2010-03-31 09:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


========== Files - Modified Within 30 Days ==========


[2010-04-22 15:58:50 | 000,000,063 | RHS- | M] () -- C:\autorun.inf

[2010-04-22 15:39:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-04-22 15:39:06 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010-04-22 15:38:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

[2010-04-22 14:59:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010-04-22 14:59:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-04-22 14:59:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-04-22 14:59:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-04-22 14:59:36 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2010-04-22 14:03:00 | 025,690,112 | ---- | M] () -- C:\Documents and Settings\Chryscienko\ntuser.dat

[2010-04-22 14:03:00 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Chryscienko\ntuser.ini

[2010-04-21 22:24:08 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-04-21 18:24:32 | 000,128,512 | RHS- | M] () -- C:\vgyn6ewc.exe

[2010-04-21 12:47:54 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2010-04-21 12:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010-04-21 12:17:14 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk

[2010-04-21 08:59:42 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-04-21 00:28:02 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_DOM_Chryscienko.job

[2010-04-20 14:15:24 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-04-15 11:42:48 | 000,002,525 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\Microsoft Word.lnk

[2010-04-14 18:47:24 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-04-14 18:47:04 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-04-14 18:35:48 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-04-14 18:35:26 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-04-14 18:31:40 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-04-14 18:31:10 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-04-14 18:31:02 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-04-14 18:30:46 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-04-08 13:11:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-04-05 13:32:46 | 065,165,471 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\TheFresh_MixtapeVol1.zip

[2010-03-30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-03-30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-03-29 12:56:56 | 000,001,390 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\Kalkulator.lnk

[2010-03-28 08:46:00 | 000,263,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-03-26 23:40:00 | 006,416,084 | -H-- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


========== Files Created - No Company Name ==========


[2010-04-21 18:24:58 | 000,128,512 | RHS- | C] () -- C:\vgyn6ewc.exe

[2010-04-21 12:47:53 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2010-04-20 23:10:39 | 000,000,063 | RHS- | C] () -- C:\autorun.inf

[2010-04-20 15:29:59 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010-04-20 15:29:59 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010-04-20 15:29:58 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010-04-20 15:29:40 | 000,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat

[2010-04-20 15:29:40 | 000,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat

[2010-04-20 15:29:38 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat

[2010-04-20 14:15:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-04-05 13:06:54 | 065,165,471 | ---- | C] () -- C:\Documents and Settings\Chryscienko\Pulpit\TheFresh_MixtapeVol1.zip

[2009-05-18 00:01:37 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI

[2009-05-14 13:49:48 | 000,000,153 | ---- | C] () -- C:\WINDOWS\cavscan.INI

[2008-08-02 14:38:17 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2008-05-16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008-05-16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008-05-16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008-05-16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2006-08-09 22:09:52 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini

[2006-08-08 21:43:39 | 000,052,858 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys

[2006-08-08 21:43:18 | 000,027,219 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys

[2006-06-21 18:45:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll

[2006-06-12 20:31:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Drukarz.INI

[2006-03-09 15:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2006-03-09 15:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll

[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

[2005-12-03 20:19:45 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2005-11-26 14:28:26 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll

[2005-10-01 14:03:31 | 000,000,256 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005-09-30 13:31:06 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI

[2005-08-26 12:20:20 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys

[2005-05-04 15:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

[2005-05-04 15:45:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL

[2005-04-19 22:29:58 | 000,000,018 | ---- | C] () -- C:\WINDOWS\Winzip32.ini

[2004-10-12 20:29:52 | 000,001,993 | ---- | C] () -- C:\WINDOWS\Okna.INI

[2004-10-12 20:27:37 | 000,000,356 | ---- | C] () -- C:\WINDOWS\Bazy.INI

[2004-10-09 17:05:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll

[2004-07-16 12:42:31 | 000,000,398 | ---- | C] () -- C:\WINDOWS\CoverDes.INI

[2004-07-12 20:08:54 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini

[2004-06-30 11:43:40 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini

[2004-06-22 20:19:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004-06-22 18:45:16 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004-06-22 18:19:27 | 000,005,607 | R--- | C] () -- C:\WINDOWS\System32\stci.dll

[2003-03-25 06:49:02 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2001-10-28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll


========== LOP Check ==========


[2005-10-26 14:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kazaa Lite

[2006-08-08 21:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA

[2007-07-30 20:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations

[2007-07-30 20:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2007-07-30 20:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2008-06-21 10:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2009-10-24 16:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2010-03-08 15:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure

[2010-03-08 15:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\fssg

[2010-04-20 15:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-04-21 12:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2005-06-29 18:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PDFCreator

[2006-04-18 18:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PEX

[2007-02-07 11:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\uTorrent

[2007-07-30 20:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PC Suite

[2007-07-30 20:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nokia

[2007-07-30 20:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nokia Multimedia Player

[2008-08-02 14:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Samsung

[2009-03-20 10:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nowe Gadu-Gadu

[2009-08-27 20:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\RayV

[2009-10-24 16:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\OpenFM

[2010-04-20 15:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PCToolsFirewallPlus

[2010-04-21 00:28:02 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_DOM_Chryscienko.job


========== Purity Check ==========




========== Custom Scans ==========



< %systemdrive%\*.* >

[2008-05-07 22:24:26 | 000,251,152 | -HS- | M] () -- C:\ntldr

[2010-04-22 15:38:34 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004-09-22 09:08:32 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2006-03-02 16:57:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2004-06-22 17:21:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2004-06-22 17:21:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2004-06-22 17:21:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2004-06-22 17:21:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010-04-22 15:59:16 | 000,000,063 | RHS- | M] () -- C:\autorun.inf

[2010-04-21 18:24:32 | 000,128,512 | RHS- | M] () -- C:\vgyn6ewc.exe



< MD5 for: AGP440.SYS >

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004-08-04 08:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys


< MD5 for: ATAPI.SYS >

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys


< MD5 for: BEEP.SYS >

[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys

[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys


< MD5 for: CDROM.SYS >

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys


< MD5 for: NDIS.SYS >

[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtUninstallKB826942$\ndis.sys

[2004-08-04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys


< MD5 for: USERINIT.EXE >

[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

[2004-08-04 09:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe


< MD5 for: WINLOGON.EXE >

[2004-08-04 09:44:28 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

Download The Avenger and select the text below

Copy it, click Paste Script from Clipboard, then Execute, confirm, and agree to the restart by clicking OK.

When it has finished, delete the file C:\Avenger\backup.zip from the disk and paste the report C:\avenger.txt on the forum.

Instructions for using the program: http://cybertrash.pl/images/tata/Avenger/Avenger.html

After that, a new OTL log

Logfile of The Avenger Version 2.0, (c) by Swandog46

http://swandog46.geekstogo.com


Platform: Windows XP


*******************


Script file opened successfully.

Script file read successfully.


Backups directory opened successfully at C:\Avenger


*******************


Beginning to process script file:


Rootkit scan active.

No rootkits found!


File "C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Temp\nodqq0.dll" deleted successfully.

File "C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Temp\nodqq.exe" deleted successfully.

File "C:\autorun.inf" deleted successfully.

File "C:\vgyn6ewc.exe" deleted successfully.


Error: folder "C:\RECYCLER" not found!

Deletion of folder "C:\RECYCLER" failed!

Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)

  --> the object does not exist


File "D:\autorun.inf" deleted successfully.

File "D:\vgyn6ewc.exe" deleted successfully.


Completed script processing.


*******************


Finished! Terminate.

Protect yourself against infection from removable media: use Flash Disinfector or Perlovga Removal Tool http://www.searchengines.pl/Infekcje-z- … 94761.html First use, for example, Flash Disinfector, then plug in your pendrives and memory cards and scan them as well.

Show a new OTL log

New log from OTL

OTL logfile created on: 2010-04-22 17:22:18 - Run 3

OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\Chryscienko\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


1 023,00 Mb Total Physical Memory | 626,00 Mb Available Physical Memory | 61,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 14,63 Gb Total Space | 5,93 Gb Free Space | 40,54% Space Free | Partition Type: FAT32

Drive D: | 59,87 Gb Total Space | 15,33 Gb Free Space | 25,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: DOM

Current User Name: Chryscienko

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


========== Processes (All) ==========


PRC - [2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

PRC - [2010-04-22 14:59:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2010-04-14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010-04-02 11:59:54 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Firefox 3.0\firefox.exe

PRC - [2010-02-18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

PRC - [2010-01-12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

PRC - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe

PRC - [2008-05-16 14:01:00 | 000,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

PRC - [2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe

PRC - [2008-04-14 22:51:44 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe

PRC - [2008-04-14 22:51:44 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:44 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [ITS]

PRC - [2008-04-14 22:51:40 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe

PRC - [2008-04-14 22:51:40 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe

PRC - [2008-04-14 22:51:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe

PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008-04-14 22:51:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe

PRC - [2008-04-14 22:51:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe

PRC - [2007-04-02 14:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe

PRC - [2006-06-19 18:19:26 | 000,253,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe

PRC - [2005-04-27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe

PRC - [2004-08-10 22:05:14 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe

PRC - [1999-12-13 09:01:00 | 000,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE



========== Modules (All) ==========


MOD - [2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

MOD - [2008-10-23 13:42:42 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll

MOD - [2008-06-17 20:03:16 | 008,489,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll

MOD - [2008-04-14 22:51:58 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv

MOD - [2008-04-14 22:50:58 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll

MOD - [2008-04-14 22:50:58 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll

MOD - [2008-04-14 22:50:58 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll

MOD - [2008-04-14 22:50:58 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll

MOD - [2008-04-14 22:50:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll

MOD - [2008-04-14 22:50:48 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll

MOD - [2008-04-14 22:50:48 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll

MOD - [2008-04-14 22:50:46 | 001,287,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll

MOD - [2008-04-14 22:50:46 | 000,584,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll

MOD - [2008-04-14 22:50:46 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll

MOD - [2008-04-14 22:50:46 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll

MOD - [2008-04-14 22:50:46 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll

MOD - [2008-04-14 22:50:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll

MOD - [2008-04-14 22:50:40 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll

MOD - [2008-04-14 22:50:36 | 001,018,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll

MOD - [2008-04-14 22:50:14 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll

MOD - [2008-04-14 22:50:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll

MOD - [2008-04-14 22:49:16 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll

MOD - [2008-04-14 22:29:10 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll



========== Win32 Services (SafeList) ==========


SRV - File not found [Auto | Stopped] -- -- (aawservice)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010-04-14 18:47:06 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)

SRV - [2007-04-02 14:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)

SRV - [2007-03-26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2005-04-27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)



========== Driver Services (SafeList) ==========


DRV - [2010-04-14 18:35:48 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010-04-14 18:35:26 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2010-04-14 18:31:40 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2010-04-14 18:31:02 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010-04-14 18:30:46 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2010-01-13 08:59:28 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)

DRV - [2010-01-12 09:34:14 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)

DRV - [2010-01-07 12:40:26 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)

DRV - [2010-01-07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)

DRV - [2009-11-23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)

DRV - [2009-06-30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)

DRV - [2008-09-15 07:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)

DRV - [2008-09-15 07:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)

DRV - [2008-09-15 07:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)

DRV - [2008-09-15 07:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)

DRV - [2008-08-02 14:45:36 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2008-05-16 14:01:00 | 006,557,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2007-08-12 10:27:06 | 000,009,344 | ---- | M] (Lavasoft AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)

DRV - [2006-08-09 22:09:54 | 000,064,625 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gmer.sys -- (Gmer)

DRV - [2006-08-08 21:43:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)

DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)

DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)

DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)

DRV - [2003-01-06 13:28:00 | 000,743,136 | R--- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)

DRV - [2002-12-05 06:01:00 | 000,241,664 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)

DRV - [2002-12-05 06:01:00 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)

DRV - [2002-09-23 04:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)

DRV - [2002-09-06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)

DRV - [2002-06-20 18:45:44 | 000,013,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)

DRV - [2002-06-20 18:45:42 | 000,020,128 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2002-06-20 18:45:40 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2002-06-20 18:45:36 | 000,005,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2002-06-20 18:45:34 | 000,039,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2002-06-06 11:14:32 | 000,053,168 | ---- | M] (THOMSON multimedia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) Alcatel SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)

DRV - [2001-10-26 16:48:56 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NtApm.sys -- (NtApm)



========== Standard Registry (SafeList) ==========



========== Internet Explorer ==========


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local


========== FireFox ==========


FF - prefs.js..browser.search.order.1: "Google"

FF - prefs.js..browser.search.order.11: "Filmweb"

FF - prefs.js..browser.search.order.2: "Allegro"

FF - prefs.js..browser.search.order.3: "YouTube"

FF - prefs.js..browser.search.order.4: "IsoHunt Bit Torrent"

FF - prefs.js..browser.search.order.5: "TorrentSpy"

FF - prefs.js..browser.search.order.6: "Napisy"

FF - prefs.js..browser.search.order.7: "Wikipedia"

FF - prefs.js..browser.search.order.8: "Filmweb"

FF - prefs.js..browser.search.selectedEngine: "isoHunt - BitTorrent"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010

FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2

FF - prefs.js..extensions.enabledItems: silvermelxt@pardal.de:1.3.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {961408A3-C970-4577-970A-D97C29839A67}:1.3.5



FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Firefox 3.0\components [2010-04-02 20:03:57 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Firefox 3.0\plugins [2010-04-22 14:59:46 | 000,000,000 | ---D | M]


[2008-06-18 20:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Extensions

[2005-10-22 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions

[2010-01-28 23:12:52 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010-04-15 08:51:22 | 000,000,000 | ---D | M] (Charamel) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{961408A3-C970-4577-970A-D97C29839A67}

[2005-10-22 10:09:02 | 000,000,000 | ---D | M] (PimpZilla 2.0) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{9w50ge7w-88c1-4wcg-bxg9-90g1a5d31c3z}

[2010-01-29 15:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}

[2010-01-10 17:59:56 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2009-10-16 23:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2005-12-01 00:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\Longfiber

[2008-12-07 19:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\moveplayer@movenetworks.com

[2010-04-15 08:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\silvermelxt@pardal.de

[2010-01-29 15:49:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\extensions\tron@trionic.net

[2006-11-07 22:00:32 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\filmweb.xml

[2008-05-29 17:52:36 | 000,001,628 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\youtube.xml

[2008-05-29 17:52:38 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Mozilla\Firefox\Profiles\a7i8z8lq.default\searchplugins\isohuntBT.xml


O1 HOSTS File: ([2006-08-11 10:15:32 | 000,001,092 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Chryscienko\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [KernelFaultCheck] File not found

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTClk\NVRTClk.exe ()

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)

O4 - HKCU..\Run: [nod32] C:\DOCUME~1\CHRYSC~1\USTAWI~1\Temp\nodqq.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Easy-WebPrint Add To Print List - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint High Speed Print - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Preview - D:\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint Print - D:\Canon\Easy-WebPrint\Resource.dll ()

O16 - DPF: {00000161-0000-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/msaudio.cab (Reg Error: Key error.)

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.39.205 212.76.39.211

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Chryscienko\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chryscienko\Dane aplikacji\Microsoft\Internet Explorer\Tapeta programu Internet Explorer.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2004-06-22 17:21:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [FAT32]

O33 - MountPoints2\{0033aaa4-7e71-11dc-bc07-0010dcfda8e3}\Shell\AutoRun\command - "" = WDSetup.exe

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell - "" = AutoRun

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell\1\Command - "" = F:\Recycle.exe -- File not found

O33 - MountPoints2\{34b03d05-22e9-11df-b4be-0010dcfda8e3}\Shell\2\Command - "" = F:\Recycle.exe -- File not found

O33 - MountPoints2\{34b03d06-22e9-11df-b4be-0010dcfda8e3}\Shell\AutoRun\command - "" = qphdin.com

O33 - MountPoints2\{34b03d06-22e9-11df-b4be-0010dcfda8e3}\Shell\open\Command - "" = qphdin.com

O33 - MountPoints2\{542e7164-49f7-11dd-a5f3-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{791771b0-abdb-11dd-a8c1-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{878366da-83cc-11dc-a063-0010dcfda8e3}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found

O33 - MountPoints2\{8dac28e8-8f00-11dd-a7d8-0010dcfda8e3}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe

O33 - MountPoints2\{8dac28e8-8f00-11dd-a7d8-0010dcfda8e3}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\autorun\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\explore\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{9ed44e66-f292-11dd-ab07-0010dcfda8e3}\Shell\open\command - "" = F:\fooool.exe -- File not found

O33 - MountPoints2\{a395d6dc-fa5e-11db-b7cf-0090d0a65cc5}\Shell\Auto\command - "" = AdobeR.exe e

O33 - MountPoints2\{a7988a10-9c0e-11dd-a83a-0010dcfda8e3}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{a7988a10-9c0e-11dd-a83a-0010dcfda8e3}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{b8faee58-c01b-11dc-a209-0010dcfda8e3}\Shell\AutoRun\command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{b8faee58-c01b-11dc-a209-0010dcfda8e3}\Shell\open\Command - "" = F:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{e7e02c16-337c-11df-b548-0010dcfda8e3}\Shell\AutoRun\command - "" = H:\ysyjq1bs.exe -- File not found

O33 - MountPoints2\{e7e02c16-337c-11df-b548-0010dcfda8e3}\Shell\open\Command - "" = H:\ysyjq1bs.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*


NetSvcs: 6to4 - File not found

NetSvcs: Ias - C:\WINDOWS\system32\ias [2004-06-22 17:07:32 | 000,000,000 | ---D | M]

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: Ip6FwHlp - File not found


MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found

MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found

MsConfig - StartUpReg: NVRTCLK - hkey= - key= - File not found

MsConfig - StartUpReg: nwiz - hkey= - key= - File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2


SafeBootMin: aawservice - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


SafeBootNet: aawservice - File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: UploadMgr - Service

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices


========== Files/Folders - Created Within 30 Days ==========


[2010-04-22 15:11:25 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

[2010-04-22 14:59:46 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010-04-22 14:59:46 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-04-22 14:59:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-04-22 14:59:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-04-22 14:33:48 | 000,000,000 | ---D | C] -- D:\Moje dokumenty\Pobieranie

[2010-04-22 12:56:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chryscienko\Recent

[2010-04-21 12:47:52 | 000,162,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-04-21 12:47:52 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-04-21 12:47:51 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-04-21 12:47:51 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-04-21 12:47:49 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-04-21 12:47:49 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-04-21 12:47:49 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-04-21 12:47:33 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-04-21 12:47:33 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-04-21 12:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software

[2010-04-21 12:47:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2010-04-20 15:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PCToolsFirewallPlus

[2010-04-20 15:29:59 | 000,207,792 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys

[2010-04-20 15:29:59 | 000,088,040 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys

[2010-04-20 15:29:58 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010-04-20 15:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-04-20 15:29:40 | 000,070,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2010-04-20 15:29:40 | 000,058,816 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2010-04-20 15:29:40 | 000,032,680 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys

[2010-04-20 15:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools

[2010-04-20 15:29:38 | 000,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys

[2010-04-20 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus

[2010-04-20 14:15:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Malwarebytes

[2010-04-20 14:15:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-04-20 14:15:18 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-04-20 14:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010-04-20 14:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes

[2010-03-31 09:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


========== Files - Modified Within 30 Days ==========


[2010-04-22 17:18:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-04-22 17:18:08 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010-04-22 17:18:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-04-22 17:17:24 | 025,690,112 | ---- | M] () -- C:\Documents and Settings\Chryscienko\ntuser.dat

[2010-04-22 17:17:24 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Chryscienko\ntuser.ini

[2010-04-22 15:11:26 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Chryscienko\Pulpit\OTL.exe

[2010-04-22 14:59:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010-04-22 14:59:36 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-04-22 14:59:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-04-22 14:59:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-04-22 14:59:36 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2010-04-21 22:24:08 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-04-21 12:47:54 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2010-04-21 12:47:52 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010-04-21 12:17:14 | 000,002,145 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nokia PC Suite.lnk

[2010-04-21 08:59:42 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010-04-21 00:28:02 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_DOM_Chryscienko.job

[2010-04-20 14:15:24 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-04-15 11:42:48 | 000,002,525 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\Microsoft Word.lnk

[2010-04-14 18:47:24 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr

[2010-04-14 18:47:04 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2010-04-14 18:35:48 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2010-04-14 18:35:26 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2010-04-14 18:31:40 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2010-04-14 18:31:10 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2010-04-14 18:31:02 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2010-04-14 18:30:46 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2010-04-08 13:11:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-04-05 13:32:46 | 065,165,471 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\TheFresh_MixtapeVol1.zip

[2010-03-30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010-03-30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010-03-29 12:56:56 | 000,001,390 | ---- | M] () -- C:\Documents and Settings\Chryscienko\Pulpit\Kalkulator.lnk

[2010-03-28 08:46:00 | 000,263,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-03-26 23:40:00 | 006,416,084 | -H-- | M] () -- C:\Documents and Settings\Chryscienko\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->]


========== Files Created - No Company Name ==========


[2010-04-22 17:14:37 | 000,731,136 | ---- | C] () -- C:\Documents and Settings\Chryscienko\Pulpit\avenger.exe

[2010-04-21 12:47:53 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\avast! Free Antivirus.lnk

[2010-04-20 15:29:59 | 000,007,412 | ---- | C] () -- C:\WINDOWS\System32\drivers\PCTAppEvent.cat

[2010-04-20 15:29:59 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctcore.cat

[2010-04-20 15:29:58 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010-04-20 15:29:40 | 000,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat

[2010-04-20 15:29:40 | 000,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat

[2010-04-20 15:29:38 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat

[2010-04-20 14:15:22 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk

[2010-04-05 13:06:54 | 065,165,471 | ---- | C] () -- C:\Documents and Settings\Chryscienko\Pulpit\TheFresh_MixtapeVol1.zip

[2009-05-18 00:01:37 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI

[2009-05-14 13:49:48 | 000,000,153 | ---- | C] () -- C:\WINDOWS\cavscan.INI

[2008-08-02 14:38:17 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2008-05-16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008-05-16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008-05-16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008-05-16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2006-08-09 22:09:52 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini

[2006-08-08 21:43:39 | 000,052,858 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys

[2006-08-08 21:43:18 | 000,027,219 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys

[2006-06-21 18:45:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\FTPStubInstUtils.dll

[2006-06-12 20:31:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Drukarz.INI

[2006-03-09 15:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2006-03-09 15:29:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll

[2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll

[2005-12-03 20:19:45 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2005-11-26 14:28:26 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll

[2005-10-01 14:03:31 | 000,000,256 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005-09-30 13:31:06 | 000,000,057 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI

[2005-08-26 12:20:20 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys

[2005-05-04 15:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

[2005-05-04 15:45:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5y.DLL

[2005-04-19 22:29:58 | 000,000,018 | ---- | C] () -- C:\WINDOWS\Winzip32.ini

[2004-10-12 20:29:52 | 000,001,993 | ---- | C] () -- C:\WINDOWS\Okna.INI

[2004-10-12 20:27:37 | 000,000,356 | ---- | C] () -- C:\WINDOWS\Bazy.INI

[2004-10-09 17:05:53 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\ZPORT4AS.dll

[2004-07-16 12:42:31 | 000,000,398 | ---- | C] () -- C:\WINDOWS\CoverDes.INI

[2004-07-12 20:08:54 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini

[2004-06-30 11:43:40 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini

[2004-06-22 20:19:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004-06-22 18:45:16 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2004-06-22 18:19:27 | 000,005,607 | R--- | C] () -- C:\WINDOWS\System32\stci.dll

[2003-03-25 06:49:02 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2001-10-28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll


========== LOP Check ==========


[2005-10-26 14:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Kazaa Lite

[2006-08-08 21:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\G DATA

[2007-07-30 20:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations

[2007-07-30 20:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2007-07-30 20:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2008-06-21 10:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2009-10-24 16:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2010-03-08 15:24:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure

[2010-03-08 15:25:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\fssg

[2010-04-20 15:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP

[2010-04-21 12:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software

[2005-06-29 18:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PDFCreator

[2006-04-18 18:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PEX

[2007-02-07 11:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\uTorrent

[2007-07-30 20:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PC Suite

[2007-07-30 20:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nokia

[2007-07-30 20:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nokia Multimedia Player

[2008-08-02 14:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Samsung

[2009-03-20 10:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\Nowe Gadu-Gadu

[2009-08-27 20:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\RayV

[2009-10-24 16:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\OpenFM

[2010-04-20 15:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Chryscienko\Dane aplikacji\PCToolsFirewallPlus

[2010-04-21 00:28:02 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_DOM_Chryscienko.job


========== Purity Check ==========




========== Custom Scans ==========



< %systemdrive%\*.* >

[2008-05-07 22:24:26 | 000,251,152 | -HS- | M] () -- C:\ntldr

[2010-04-22 17:18:00 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys

[2001-07-21 22:13:54 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2004-09-22 09:08:32 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2006-03-02 16:57:12 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2004-06-22 17:21:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2004-06-22 17:21:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2004-06-22 17:21:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2004-06-22 17:21:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS



< MD5 for: AGP440.SYS >

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:agp440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:agp440.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008-04-14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[2004-08-04 08:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys


< MD5 for: ATAPI.SYS >

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008-04-14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2004-08-04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\atapi.sys


< MD5 for: BEEP.SYS >

[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys

[2001-08-17 21:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys


< MD5 for: CDROM.SYS >

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys

[2002-09-20 18:18:00 | 010,180,934 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys

[2004-09-22 09:02:54 | 022,293,493 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys

[2008-04-14 23:09:56 | 020,110,420 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys

[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys

[2008-04-14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

[2004-08-04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys


< MD5 for: NDIS.SYS >

[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys

[2008-04-14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

[2002-08-29 02:09:26 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtUninstallKB826942$\ndis.sys

[2004-08-04 08:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys


< MD5 for: USERINIT.EXE >

[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008-04-14 22:51:46 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 -- C:\WINDOWS\system32\userinit.exe

[2004-08-04 09:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BD768099B4C44AA631728CB74EB54396 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe


< MD5 for: WINLOGON.EXE >

[2004-08-04 09:44:28 | 000,504,832 | ---- | M] (Microsoft Corporation) MD5=0344407089B08548D4FEBA62BB0F32D0 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008-04-14 22:51:50 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

Protect yourself against infection from removable media: use Flash Disinfector or Perlovga Removal Tool http://www.searchengines.pl/Infekcje-z- … 94761.html First use, for example, Flash Disinfector, then plug in your pendrive and memory cards and scan them as well.

In the Custom Scans/Fixes box in OTL, paste:

Click Run Fix. Post the removal log on the forum.

Run OTL and click CleanUp.

Clean the system and the registry with CCleaner.

Download Malwarebytes http://www.dobreprogramy.pl/Malwarebyte … 13117.html, scan all drives, remove whatever it finds, and post the log on the forum.

The pendrive is clean.

For the cleaning, can I use EasyCleaner? I already have it.

OK, but did you run the OTL script beforehand? You haven't posted the removal report.

Removal log

All processes killed

========== OTL ==========

Process explorer.exe killed successfully!

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nod32 deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\NvCplDaemon\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\NvMediaCenter\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\NVRTCLK\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\nwiz\ deleted successfully.

Error: Unable to interpret <:File> in the current context!

Error: Unable to interpret in the current context!

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\ deleted successfully.

========== COMMANDS ==========


[EMPTYTEMP]


User: All Users


User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes


User: LocalService

->Temp folder emptied: 65984 bytes

->Temporary Internet Files folder emptied: 71258 bytes

->Flash cache emptied: 698 bytes


User: Chryscienko

->Temp folder emptied: 499879631 bytes

->Temporary Internet Files folder emptied: 1377389 bytes

->Java cache emptied: 150872935 bytes

->FireFox cache emptied: 50235947 bytes

->Flash cache emptied: 3611243 bytes


%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1099861 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4536774 bytes

RecycleBin emptied: 1304745 bytes


Total Files Cleaned = 680,00 mb



OTL by OldTimer - Version 3.2.2.0 log created on 04222010_174224


Files\Folders moved on Reboot...

C:\WINDOWS\temp\_avast5_\Webshlock.txt moved successfully.


Registry entries deleted on Reboot...

Sorry, my typo, it should be :Files

In the Custom Scans/Fixes box in OTL, paste: