Win32:Trojan-gen{Other}


(Cwiartkitrzyprzezcztery) #1


(deFco247) #2

Logi wklejasz na wklej.org lub wklej.to, a w poście dajesz link. :evil:

Fix w HiJackThis: ( Do a system scan only -> zaznaczasz pola przy podanych niżej wpisach -> Fix checked )

Odinstaluj BearShare, bo to śmieciarz.

Pokaż log OTL.


(Cwiartkitrzyprzezcztery) #3

Wyskoczylo mi coś takiego...

OTL logfile created on: 2009-08-17 20:14:06 - Run 2

OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\M4TeU$z\Pulpit

Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

510,42 Mb Total Physical Memory | 167,91 Mb Available Physical Memory | 32,90% Memory free

1,22 Gb Paging File | 0,78 Gb Available in Paging File | 63,86% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 153,38 Gb Total Space | 68,04 Gb Free Space | 44,36% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: SYPIALNIA

Current User Name: M4TeU$z

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe

PRC - [2007-06-13 15:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE

PRC - [2005-05-20 09:11:06 | 00,925,696 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe

PRC - [2005-09-07 15:35:36 | 00,716,800 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

PRC - 2007-04-25 16:36:26 | 00,835,584 | ---- | M -- C:\WINDOWS\vsnp325.exe

PRC - [2008-11-26 19:18:51 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2004-10-13 18:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe

PRC - [2008-05-28 04:39:45 | 00,401,408 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Software Update 3\SoftAuto.exe

PRC - [2006-02-19 05:21:22 | 00,288,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

PRC - 2006-03-06 16:55:32 | 00,086,016 | ---- | M -- C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe

PRC - [2007-08-23 14:35:00 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

PRC - [2007-04-02 08:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe

PRC - [2009-02-03 21:27:56 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2006-01-20 11:20:00 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe

PRC - [2001-02-23 11:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

PRC - [2006-08-11 21:42:50 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe

PRC - 2006-03-03 22:03:10 | 00,069,632 | ---- | M -- C:\WINDOWS\System32\HPZipm12.exe

PRC - 2008-03-14 18:54:54 | 00,066,872 | ---- | M -- C:\WINDOWS\System32\PnkBstrA.exe

PRC - 2008-03-22 19:23:31 | 01,251,720 | ---- | M -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

PRC - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

PRC - [2006-02-19 06:24:52 | 00,239,320 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

PRC - [2008-09-25 14:47:21 | 07,206,509 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - 2009-08-17 19:26:45 | 00,040,448 | ---- | M -- C:\WINDOWS\services.exe

PRC - [2009-08-17 19:52:02 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\M4TeU$z\Pulpit\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

SRV - [2008-11-26 19:12:08 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])

SRV - [2007-08-23 14:35:00 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])

SRV - [2008-11-26 19:18:46 | 00,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])

SRV - [2008-11-26 19:18:32 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])

SRV - [2008-11-26 19:16:23 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])

SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2007-04-02 08:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv [Auto | Running])

SRV - [2008-05-21 13:42:56 | 00,064,000 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv [On_Demand | Stopped])

SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2004-08-04 14:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])

SRV - [2005-04-04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])

SRV - [2009-02-03 21:27:56 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])

SRV - File not found -- -- (KbdLockService [Auto | Stopped])

SRV - [2006-01-20 11:20:00 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])

SRV - [2007-08-23 14:35:00 | 03,192,184 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate [On_Demand | Stopped])

SRV - [2001-02-23 11:07:30 | 00,270,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])

SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2006-08-11 21:42:50 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])

SRV - 2006-03-03 22:03:10 | 00,069,632 | ---- | M -- C:\WINDOWS\System32\HPZipm12.exe -- (Pml Driver HPZ12 [unknown | Running])

SRV - 2008-03-14 18:54:54 | 00,066,872 | ---- | M -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])

SRV - 2008-03-22 19:23:31 | 01,251,720 | ---- | M -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2008-11-26 19:15:35 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [system | Running])

DRV - [2005-10-05 17:21:10 | 00,141,312 | R--- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running])

DRV - [2005-03-04 20:53:00 | 00,127,872 | R--- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\AEAudio.sys -- (AEAudioService [On_Demand | Running])

DRV - [2002-10-09 15:53:54 | 00,043,904 | ---- | M] (Alfa Corporation) -- C:\WINDOWS\system32\Drivers\AFPAnsi.sys -- (AFPAnsi [boot | Running])

DRV - [2008-11-26 19:17:25 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])

DRV - [2008-11-26 19:18:18 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])

DRV - [2008-11-26 19:16:29 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])

DRV - [2008-11-26 19:17:36 | 00,111,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [system | Running])

DRV - [2008-11-26 19:16:38 | 00,050,864 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [system | Running])

DRV - [2004-01-09 15:23:48 | 00,042,496 | ---- | M] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\DRIVERS\fetnd5b.sys -- (FETNDISB [On_Demand | Running])

DRV - [2006-09-19 14:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

DRV - [2007-06-14 14:14:20 | 00,039,808 | ---- | M] (G DATA Software Sp. z o.o.) -- C:\WINDOWS\System32\drivers\GLogin.sys -- (GLogin [system | Running])

DRV - [2004-10-27 15:21:30 | 00,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped])

DRV - [2004-10-27 15:21:36 | 00,138,240 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])

DRV - 2006-04-12 12:04:39 | 00,049,664 | R--- | M -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Running])

DRV - 2006-04-12 12:04:39 | 00,016,496 | R--- | M -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Running])

DRV - 2006-04-12 12:04:39 | 00,021,568 | ---- | M -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Running])

DRV - 2006-02-08 03:52:58 | 00,006,912 | ---- | M -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO [boot | Running])

DRV - [2006-05-20 00:16:14 | 00,042,880 | ---- | M] (JMicron Technology Corp.) -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID [boot | Running])

DRV - 2004-08-13 12:56:20 | 00,005,810 | R--- | M -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running])

DRV - [2006-08-11 21:42:42 | 03,958,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])

DRV - [2004-08-04 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])

DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2004-04-13 20:14:12 | 00,070,144 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Stopped])

DRV - [2007-11-13 12:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])

DRV - 2005-08-11 13:49:28 | 00,393,088 | R--- | M -- C:\WINDOWS\System32\drivers\Senfilt.sys -- (SenFiltService [On_Demand | Running])

DRV - [2007-04-26 12:03:12 | 10,343,168 | ---- | M] (Sonix Co. Ltd.) -- C:\WINDOWS\System32\DRIVERS\snp325.sys -- (SNP325 [On_Demand | Running])

DRV - 2008-07-28 22:26:28 | 00,716,272 | ---- | M -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])

DRV - [2006-11-25 14:15:16 | 00,010,344 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\symlcbrd.sys -- (symlcbrd [Auto | Running])

DRV - [2006-02-23 11:38:32 | 00,009,728 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32 [boot | Running])

DRV - [2006-02-23 11:39:06 | 00,011,264 | R--- | M] (VIA Technologies,Inc) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt [boot | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Allegro"

FF - prefs.js..browser.startup.homepage: "http://www.si04.webd.pl/forum/"

FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:2.1.0.12

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-02-03 21:27:58 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-17 09:25:50 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 1.5\Extensions\Components: C:\Program Files\Mozilla Firefox\Components [2009-07-10 20:44:21 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 1.5\Extensions\Plugins: C:\Program Files\Mozilla Firefox\Plugins [2009-07-10 20:44:21 | 00,000,000 | ---D | M]

[2008-09-19 16:57:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\M4TeU$z\Dane aplikacji\mozilla\Extensions

[2008-09-19 16:57:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\M4TeU$z\Dane aplikacji\mozilla\Extensions{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2009-08-16 20:54:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\M4TeU$z\Dane aplikacji\mozilla\Firefox\Profiles\nvytbt5t.default\extensions

[2008-08-21 16:20:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\M4TeU$z\Dane aplikacji\mozilla\Firefox\Profiles\nvytbt5t.default\extensions{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}

[2008-09-19 17:19:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\M4TeU$z\Dane aplikacji\mozilla\Firefox\Profiles\nvytbt5t.default\extensions\foxmarks@kei.com

[2007-09-20 16:17:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\M4TeU$z\Dane aplikacji\mozilla\Firefox\Profiles\nvytbt5t.default\extensions\pl@dictionaries.addons.mozilla.org

[2009-08-16 20:54:00 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2008-09-25 14:47:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2009-02-03 21:28:16 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

[2008-09-25 14:47:35 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org

[2008-09-25 14:47:18 | 00,061,038 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll

[2008-09-25 14:47:20 | 00,049,256 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll

[2008-09-25 14:47:18 | 00,166,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll

[2007-04-30 16:29:22 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll

[2009-02-03 21:27:56 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll

2008-09-25 14:47:19 | 00,017,032 | ---- | M -- C:\Program Files\mozilla firefox\plugins\npnul32.dll

2009-03-19 17:20:09 | 03,771,296 | ---- | M -- C:\Program Files\mozilla firefox\plugins\NPSWF32.dll

2008-09-25 14:47:31 | 00,003,710 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.png

2008-09-25 14:47:31 | 00,000,901 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.src

2008-09-25 14:47:31 | 00,001,076 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\google-pl.gif

2008-09-25 14:47:31 | 00,000,786 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\google-pl.src

2008-09-25 14:47:31 | 00,000,480 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.png

2008-09-25 14:47:31 | 00,001,117 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.src

2008-09-25 14:47:31 | 00,000,597 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\pbi-pl.png

2008-09-25 14:47:31 | 00,001,096 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\pbi-pl.src

2008-09-25 14:47:31 | 00,000,316 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.png

2008-09-25 14:47:31 | 00,000,792 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.src

2008-09-25 14:47:31 | 00,000,459 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.png

2008-09-25 14:47:32 | 00,001,093 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.src

2008-09-25 14:47:31 | 00,000,193 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.png

2008-09-25 14:47:31 | 00,000,974 | ---- | M -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.src

O1 HOSTS File: (21 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM..\Toolbar: (BearShare MediaBar) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll File not found

O3 - HKCU..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

O3 - HKCU..\Toolbar\ShellBrowser: (BearShare MediaBar) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll File not found

O3 - HKCU..\Toolbar\ShellBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll File not found

O3 - HKCU..\Toolbar\WebBrowser: (BearShare MediaBar) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\BearShare MediaBar\MediaBar.dll File not found

O3 - HKCU..\Toolbar\WebBrowser: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll File not found

O3 - HKCU..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [DTemp] C:\SysPrep\Test\DTemp\DTemp.exe File not found

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NWEReboot] File not found

O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe File not found

O4 - HKLM..\Run: [services] C:\WINDOWS\services.exe ()

O4 - HKLM..\Run: [snp325] C:\WINDOWS\vsnp325.exe ()

O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe ()

O4 - HKCU..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE (Creative Technology Ltd )

O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)

O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found

O4 - HKCU..\Run: [Expressivo] C:\Program Files\ivo\Expressivo Demo\expressivo.exe File not found

O4 - HKCU..\Run: [HEXelon MAX] C:\Program Files\HEXelon MAX 6\hexelon.exe (Jerzy Znamirowski)

O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe File not found

O4 - HKCU..\Run: [softAuto.exe] C:\Program Files\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\STK016 PNP Monitor.lnk = C:\Program Files\STK016_V2.01\STK016M.exe File not found

O4 - Startup: C:\Documents and Settings\M4TeU$z\Menu Start\Programy\Autostart\UniSpiker-2.6.lnk = C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKCU..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 7540633109 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_05)

O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.219.141.10 62.233.128.17

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - 2006-09-06 11:16:01 | 00,000,000 | ---- | M - C:\AUTOEXEC.BAT -- [NTFS]

O33 - MountPoints2{082e7314-f87e-11dd-9280-0018f3cdf0f5}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\wcd32.exe -- File not found

O33 - MountPoints2{082e7314-f87e-11dd-9280-0018f3cdf0f5}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\wcd32.exe -- File not found

O33 - MountPoints2{2b94ad6a-6a18-11dd-914a-0018f3cdf0f5}\Shell - "" = AutoRun

O33 - MountPoints2{2b94ad6a-6a18-11dd-914a-0018f3cdf0f5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[3 C:\WINDOWS\System32*.tmp files]

[2 C:\WINDOWS*.tmp files]

[2009-08-17 19:52:01 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\M4TeU$z\Pulpit\OTL.exe

2009-08-17 19:27:06 | 00,040,448 | ---- | C -- C:\WINDOWS\services.exe

[2009-08-17 19:06:39 | 00,000,000 | ---D | C] -- C:!KillBox

2009-08-17 19:06:16 | 00,056,897 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\killbox.zip

2009-08-17 18:57:39 | 00,001,739 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\HijackThis.lnk

[2009-08-17 18:57:39 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2009-08-17 18:55:04 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\M4TeU$z\Pulpit\HJTInstall.exe

[2009-08-17 18:46:52 | 08,798,656 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\M4TeU$z\Pulpit\windows-kb890830-v2.13.exe

[2009-08-17 09:23:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer

[2009-08-17 09:23:41 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild

[2009-08-17 09:23:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US

[2009-08-17 09:23:28 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies

[2009-08-17 09:22:33 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe

[2009-08-17 09:22:33 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll

[2009-08-17 09:22:33 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll

[2009-08-17 09:22:32 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll

[2009-08-17 09:22:32 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll

[2009-08-17 09:22:32 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsshhdr.dll

[2009-08-17 09:22:32 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll

[2009-08-17 09:22:31 | 00,000,000 | ---D | C] -- C:\08174035a3d19b818c

[2009-08-17 09:21:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel

[2009-08-17 09:16:38 | 00,000,000 | -HSD | C] -- C:\Config.Msi

[2009-08-17 09:14:04 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0

[2009-08-17 09:07:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

2009-08-16 13:24:33 | 10,821,999 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\rr_gornik.rar

2009-08-16 12:55:50 | 00,539,144 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0042.JPG

2009-08-16 12:41:42 | 00,627,992 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0029.JPG

2009-08-16 12:36:34 | 00,139,622 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0024.JPG

2009-08-16 12:34:27 | 00,114,550 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0040.JPG

2009-08-16 12:33:58 | 00,661,804 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0005.JPG

2009-08-16 12:31:51 | 00,500,701 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0009.JPG

2009-07-31 11:33:05 | 04,828,732 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-28_21h26m04s.wav

2009-07-31 11:32:28 | 00,785,468 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-30_21h25m57s.wav

2009-07-31 11:32:08 | 00,218,684 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-05_19h09m27s.wav

2009-07-31 11:31:44 | 00,115,260 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-02_22h16m08s.wav

2009-07-30 18:24:44 | 03,932,214 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\krzesełka.bmp

[2009-07-30 18:07:23 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2009-07-30 18:06:25 | 04,928,376 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\M4TeU$z\Pulpit\Silverlight.exe

2009-07-30 14:42:05 | 03,932,214 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\polonista obraza bałtyk.bmp

2009-07-30 13:57:27 | 03,932,214 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\złomiarze z polonii.bmp

2009-07-30 13:23:51 | 00,418,403 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\karta pojazdsu.jpg

2009-07-29 15:21:28 | 03,932,214 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\bytomska patologia.bmp

2009-07-29 13:14:51 | 00,184,320 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\Czasownik.doc

2009-07-28 19:31:31 | 00,024,064 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\Rammstein.doc

2009-07-27 14:22:57 | 00,124,928 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\Prywatyzacja.doc

2009-07-24 14:40:32 | 24,260,364 | ---- | C -- C:\Documents and Settings\M4TeU$z\Pulpit\2009.07.23. II runda el. LE. Ujpest - Steaua 0-2 Grzelak.avi

2009-04-11 19:27:03 | 00,000,079 | ---- | C -- C:\WINDOWS\pit2008.ini

2009-04-11 19:27:03 | 00,000,021 | ---- | C -- C:\WINDOWS\pit2007.ini

2009-03-06 16:55:04 | 00,000,083 | ---- | C -- C:\WINDOWS\PL CD Wwp.INI

2008-07-16 09:42:55 | 00,000,534 | ---- | C -- C:\WINDOWS\netdet.ini

2008-03-24 12:20:34 | 00,000,077 | ---- | C -- C:\WINDOWS\psnetwork.ini

2008-03-23 16:41:01 | 00,000,013 | ---- | C -- C:\WINDOWS\msgtn.ini

2008-03-14 18:55:11 | 00,157,664 | ---- | C -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

2008-02-23 13:12:49 | 00,015,498 | ---- | C -- C:\WINDOWS\snp325.ini

2008-02-23 13:12:47 | 00,147,456 | ---- | C -- C:\WINDOWS\System32\rsnp325.dll

2008-02-23 13:12:47 | 00,057,344 | ---- | C -- C:\WINDOWS\System32\vsnpx32.dll

2008-02-10 22:37:14 | 00,057,344 | ---- | C -- C:\WINDOWS\System32\vsnp325.dll

2008-02-10 22:37:14 | 00,053,248 | ---- | C -- C:\WINDOWS\System32\csnp325.dll

2007-12-12 21:09:11 | 00,012,288 | ---- | C -- C:\WINDOWS\impborl.dll

2007-08-24 17:24:32 | 00,000,287 | ---- | C -- C:\WINDOWS\game.ini

2007-08-03 16:50:31 | 00,716,272 | ---- | C -- C:\WINDOWS\System32\drivers\sptd.sys

2007-03-17 20:53:26 | 00,000,004 | ---- | C -- C:\WINDOWS\info147.sys

2007-03-10 20:39:09 | 00,047,104 | ---- | C -- C:\WINDOWS\System32\KMVIDC32.DLL

2007-02-24 16:36:04 | 00,000,057 | ---- | C -- C:\WINDOWS\System32\peer.ini

2007-02-02 21:16:26 | 00,003,350 | -HS- | C -- C:\WINDOWS\System32\KGyGaAvL.sys

2007-02-02 21:16:26 | 00,000,088 | RHS- | C -- C:\WINDOWS\System32\3E90A6D86D.sys

2007-02-02 19:36:43 | 00,000,767 | ---- | C -- C:\WINDOWS\Thps3.INI

2007-01-26 22:33:30 | 00,000,020 | ---- | C -- C:\WINDOWS\naglos.INI

2007-01-22 17:37:04 | 00,000,427 | ---- | C -- C:\WINDOWS\ODBC.INI

2007-01-20 15:17:32 | 00,000,754 | ---- | C -- C:\WINDOWS\WORDPAD.INI

2007-01-12 19:28:47 | 00,032,140 | ---- | C -- C:\WINDOWS\System32\drivers\STK016W1.sys

2007-01-02 17:00:48 | 00,000,116 | ---- | C -- C:\WINDOWS\NeroDigital.ini

2006-12-21 11:37:10 | 00,077,824 | R--- | C -- C:\WINDOWS\System32\HPZIDS01.dll

2006-10-16 10:43:21 | 00,000,061 | ---- | C -- C:\WINDOWS\smscfg.ini

2006-09-06 19:59:15 | 00,000,732 | ---- | C -- C:\WINDOWS\System32\oeminfo.ini

2006-09-06 19:59:09 | 00,000,954 | ---- | C -- C:\WINDOWS\win.ini

2006-09-06 19:59:08 | 00,000,231 | ---- | C -- C:\WINDOWS\system.ini

2006-09-03 14:22:03 | 00,005,810 | R--- | C -- C:\WINDOWS\System32\drivers\ASACPI.sys

2006-03-09 15:29:00 | 01,662,976 | ---- | C -- C:\WINDOWS\System32\nvwdmcpl.dll

2006-03-09 15:29:00 | 01,470,464 | ---- | C -- C:\WINDOWS\System32\nview.dll

2006-03-09 15:29:00 | 01,019,904 | ---- | C -- C:\WINDOWS\System32\nvwimg.dll

2006-03-09 15:29:00 | 00,581,632 | ---- | C -- C:\WINDOWS\System32\nvhwvid.dll

2006-03-09 15:29:00 | 00,466,944 | ---- | C -- C:\WINDOWS\System32\nvshell.dll

2006-03-09 15:29:00 | 00,286,720 | ---- | C -- C:\WINDOWS\System32\nvnt4cpl.dll

2006-03-09 15:29:00 | 00,196,608 | ---- | C -- C:\WINDOWS\System32\nvapi.dll

2005-10-14 11:56:50 | 03,596,288 | ---- | C -- C:\WINDOWS\System32\qt-dx331.dll

2005-10-14 11:56:50 | 00,921,600 | ---- | C -- C:\WINDOWS\System32\VorbisEnc.dll

2005-10-14 11:56:50 | 00,761,856 | ---- | C -- C:\WINDOWS\System32\xvidcore.dll

2005-10-14 11:56:50 | 00,344,064 | ---- | C -- C:\WINDOWS\System32\xvid.dll

2005-10-14 11:56:50 | 00,237,568 | ---- | C -- C:\WINDOWS\System32\OggDS.dll

2005-10-14 11:56:50 | 00,188,416 | ---- | C -- C:\WINDOWS\System32\vorbis.dll

2005-10-14 11:56:50 | 00,155,136 | ---- | C -- C:\WINDOWS\System32\unrar.dll

2005-10-14 11:56:50 | 00,045,056 | ---- | C -- C:\WINDOWS\System32\ogg.dll

2001-07-07 04:00:02 | 00,003,234 | ---- | C -- C:\WINDOWS\System32\HPTCPMON.INI

========== Files - Modified Within 30 Days ==========

[3 C:\WINDOWS\System32*.tmp files]

[2 C:\WINDOWS*.tmp files]

[2009-08-17 19:52:02 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\M4TeU$z\Pulpit\OTL.exe

2009-08-17 19:26:45 | 00,040,448 | ---- | M -- C:\WINDOWS\services.exe

2009-08-17 19:06:12 | 00,056,897 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\killbox.zip

2009-08-17 18:57:39 | 00,001,739 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\HijackThis.lnk

[2009-08-17 18:55:04 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\M4TeU$z\Pulpit\HJTInstall.exe

[2009-08-17 18:47:11 | 08,798,656 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\M4TeU$z\Pulpit\windows-kb890830-v2.13.exe

2009-08-17 18:39:39 | 00,002,645 | ---- | M -- C:\WINDOWS\System32\CONFIG.NT

2009-08-17 18:39:12 | 00,001,170 | ---- | M -- C:\WINDOWS\System32\wpa.dbl

2009-08-17 18:37:34 | 00,000,006 | -H-- | M -- C:\WINDOWS\tasks\SA.DAT

2009-08-17 18:37:21 | 00,080,479 | ---- | M -- C:\WINDOWS\System32\nvapps.xml

2009-08-17 18:36:52 | 00,002,048 | --S- | M -- C:\WINDOWS\bootstat.dat

2009-08-17 14:18:24 | 00,192,184 | ---- | M -- C:\WINDOWS\System32\FNTCACHE.DAT

2009-08-17 09:34:29 | 00,001,374 | ---- | M -- C:\WINDOWS\imsins.BAK

2009-08-17 09:31:25 | 01,070,168 | ---- | M -- C:\WINDOWS\System32\PerfStringBackup.INI

2009-08-17 09:31:25 | 00,499,958 | ---- | M -- C:\WINDOWS\System32\perfh015.dat

2009-08-17 09:31:25 | 00,441,124 | ---- | M -- C:\WINDOWS\System32\perfh009.dat

2009-08-17 09:31:25 | 00,088,618 | ---- | M -- C:\WINDOWS\System32\perfc015.dat

2009-08-17 09:31:25 | 00,071,060 | ---- | M -- C:\WINDOWS\System32\perfc009.dat

2009-08-16 13:24:58 | 10,821,999 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\rr_gornik.rar

2009-08-16 12:53:59 | 00,139,622 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0024.JPG

2009-08-16 12:52:18 | 00,114,550 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0040.JPG

2009-08-13 13:53:02 | 00,539,144 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0042.JPG

2009-08-09 12:43:00 | 00,627,992 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0029.JPG

2009-08-08 16:48:48 | 00,500,701 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0009.JPG

2009-08-08 16:18:06 | 00,661,804 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\CRIM0005.JPG

[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll

[2009-08-05 11:08:09 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll

2009-07-31 21:59:46 | 02,113,520 | -H-- | M -- C:\Documents and Settings\M4TeU$z\Ustawienia lokalne\Dane aplikacji\IconCache.db

2009-07-31 11:33:06 | 04,828,732 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-28_21h26m04s.wav

2009-07-31 11:32:28 | 00,785,468 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-30_21h25m57s.wav

2009-07-31 11:32:08 | 00,218,684 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-05_19h09m27s.wav

2009-07-31 11:31:44 | 00,115,260 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\MIC-2009-06-02_22h16m08s.wav

2009-07-30 22:15:06 | 00,000,284 | ---- | M -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

2009-07-30 18:24:45 | 03,932,214 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\krzesełka.bmp

[2009-07-30 18:06:40 | 04,928,376 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\M4TeU$z\Pulpit\Silverlight.exe

2009-07-30 14:42:06 | 03,932,214 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\polonista obraza bałtyk.bmp

2009-07-30 13:57:27 | 03,932,214 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\złomiarze z polonii.bmp

2009-07-30 13:24:29 | 00,418,403 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\karta pojazdsu.jpg

[2009-07-30 02:49:14 | 24,281,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe

2009-07-29 15:27:43 | 00,184,320 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\Czasownik.doc

2009-07-29 15:21:29 | 03,932,214 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\bytomska patologia.bmp

2009-07-28 19:34:43 | 00,124,928 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\Prywatyzacja.doc

2009-07-28 19:31:32 | 00,024,064 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\Rammstein.doc

[2009-07-28 00:43:24 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhtmled.ocx

2009-07-25 22:23:53 | 00,079,872 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\angol.doc

2009-07-25 22:23:48 | 00,064,512 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\angol2.doc

2009-07-24 14:41:18 | 00,000,116 | ---- | M -- C:\WINDOWS\NeroDigital.ini

2009-07-24 14:41:11 | 24,260,364 | ---- | M -- C:\Documents and Settings\M4TeU$z\Pulpit\2009.07.23. II runda el. LE. Ujpest - Steaua 0-2 Grzelak.avi

< End of report >


(deFco247) #4

Czytaj dokładnie moje posty.

Tak wklejone na forum logi się ciężko sprawdza. :frowning:

W Custom Scans/Fixes w OTL wklej:

Run Fix. Restart, jeśli będzie potrzebny.

Potem log z usuwania oraz nowy OTL.txt


(Cwiartkitrzyprzezcztery) #5

Log z usuwania: 08172009_204002.log

Nowy OTL: http://wklej.org/id/136321/


(deFco247) #6

Log wygląda na czysty.

W OTL kliknij CleanUp.

Jeśli korzystasz z Przywracania Systemu, to wyłącz i włącz je na wszystkich dyskach. Instrukcja XP.

Wyczyść rejestr i dysk CCleaner.

Usuń zbędniki z autostartu.

Wykonaj pełny skan DR WEB CureIt.

Gdy będą wirusy pokaż raport.

No i zainstaluj Service Pack 3 dla XP.


(Asterisk) #7

Proszę zastosować się do tego Tematu i edytować własnego posta

w celu zmiany jego tytułu na konkretny oraz opisania problemu .

W przeciwnym razie topic wyląduje w Śmietniku.

Logi wklejasz na http://wklej.eu lub na http://wklej.org,

a w poście dajesz tylko link