Przy próbie wejścia na ową stronę,ESS rozłączył połączenie z siecią.W podglądzie widać,że udaremniono próby 3 ataków Win32/AutoRun.Agent.SU Robak. Czy to możliwe,czy jakiś false alert?
pozdrówki
Możliwe jest wszystko. Czy ten komunikat tylko przy tej stronie się pojawił?
Tak,Gutek…
Chodzi o sam fakt,i powiadomienie…
– Dodane 21.02.2010 (N) 23:03 –
Notatinik…? :o
– Dodane 21.02.2010 (N) 23:09 –
OTL logfile created on: 2010-02-21 23:00:44 - Run 2
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Documents and Settings\Karol\Moje dokumenty
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1,00 Gb Total Physical Memory | 0,00 Gb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,00 Gb Total Space | 12,51 Gb Free Space | 62,52% Space Free | Partition Type: NTFS
Drive D: | 27,26 Gb Total Space | 25,34 Gb Free Space | 92,96% Space Free | Partition Type: NTFS
Drive E: | 27,26 Gb Total Space | 22,30 Gb Free Space | 81,80% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DOMOWY
Current User Name: Karol
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010-02-21 22:55:39 | 000,549,376 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Karol\Moje dokumenty\OTL.exe
PRC - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) – C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009-05-14 14:47:08 | 002,029,640 | ---- | M] (ESET) – C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009-03-08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-03-05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) – C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) – C:\WINDOWS\system32\IoctlSvc.exe
PRC - [2006-01-19 23:00:00 | 000,761,946 | ---- | M] (Synaptics, Inc.) – C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005-05-02 13:09:50 | 000,057,344 | ---- | M] (Wistron) – C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2005-04-18 10:41:34 | 000,081,920 | ---- | M] () – C:\Program Files\Launch Manager\WButton.exe
PRC - [2005-04-05 20:52:52 | 000,364,544 | ---- | M] (ATI Technologies Inc.) – C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005-04-05 20:05:00 | 000,339,968 | ---- | M] (ATI Technologies, Inc.) – C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005-03-30 14:29:48 | 000,032,768 | ---- | M] () – C:\Program Files\Launch Manager\LaunchAp.exe
PRC - [2005-03-24 20:20:30 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) – C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005-03-16 12:52:02 | 000,204,800 | ---- | M] (Wistron) – C:\Program Files\Launch Manager\OSD.exe
PRC - [2004-10-11 09:47:02 | 000,245,760 | ---- | M] () – C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2002-04-11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) – C:\WINDOWS\system32\brsvc01a.exe
PRC - [2001-12-12 23:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) – C:\WINDOWS\system32\brss01a.exe
========== Modules (SafeList) ==========
MOD - [2010-02-21 22:55:39 | 000,549,376 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Karol\Moje dokumenty\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009-05-14 14:54:22 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] – C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe – (EhttpSrv)
SRV - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] – C:\Program Files\ESET\ESET Smart Security\ekrn.exe – (ekrn)
SRV - [2008-02-28 16:07:48 | 000,529,704 | ---- | M] (Nero AG) [On_Demand | Stopped] – C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe – (NMIndexingService)
SRV - [2008-02-18 15:29:12 | 000,877,864 | ---- | M] (Nero AG) [Auto | Running] – C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe – (Nero BackItUp Scheduler 3)
SRV - [2007-06-15 15:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Stopped] – C:\Program Files\PC Connectivity Solution\ServiceLayer.exe – (ServiceLayer)
SRV - [2006-12-19 08:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] – C:\WINDOWS\system32\IoctlSvc.exe – (PLFlash DeviceIoControl Service)
SRV - [2005-04-05 20:52:52 | 000,364,544 | ---- | M] (ATI Technologies Inc.) [Auto | Running] – C:\WINDOWS\system32\ati2evxx.exe – (Ati HotKey Poller)
SRV - [2004-07-15 00:49:26 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe – (aspnet_state)
SRV - [2003-07-28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE – (ose)
SRV - [2002-04-11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] – C:\WINDOWS\system32\brsvc01a.exe – (Brother XP spl Service)
========== Driver Services (SafeList) ==========
DRV - [2009-05-14 14:49:26 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\epfwtdi.sys – (epfwtdi)
DRV - [2009-05-14 14:49:26 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\epfwndis.sys – (Epfwndis)
DRV - [2009-05-14 14:49:22 | 000,133,000 | ---- | M] (ESET) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\epfw.sys – (epfw)
DRV - [2009-05-14 14:47:14 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\ehdrv.sys – (ehdrv)
DRV - [2009-05-14 14:41:10 | 000,114,472 | ---- | M] (ESET) [File_System | Auto | Running] – C:\WINDOWS\system32\drivers\eamon.sys – (eamon)
DRV - [2008-04-13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\USBAUDIO.sys – (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-04-13 17:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)
DRV - [2008-03-17 10:03:46 | 000,101,376 | R— | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ewusbmdm.sys – (hwdatacard)
DRV - [2007-08-22 17:50:06 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\pfc.sys – (pfc)
DRV - [2007-02-22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\nmwcd.sys – (nmwcd)
DRV - [2007-02-22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\nmwcdcm.sys – (nmwcdcm)
DRV - [2007-02-22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\nmwcdcj.sys – (nmwcdcj)
DRV - [2007-02-22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\nmwcdc.sys – (nmwcdc)
DRV - [2006-08-25 04:47:00 | 000,036,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)
DRV - [2006-01-19 23:00:00 | 000,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynTP.sys – (SynTP)
DRV - [2005-06-23 21:16:08 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\tifm21.sys – (tifm21)
DRV - [2005-06-03 12:47:06 | 000,079,488 | R— | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\k750obex.sys – (k750obex)
DRV - [2005-06-03 12:47:04 | 000,081,728 | R— | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\k750mgmt.sys – (k750mgmt)
DRV - [2005-06-03 12:47:00 | 000,089,872 | R— | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\k750mdm.sys – (k750mdm)
DRV - [2005-06-03 12:46:58 | 000,006,576 | R— | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\k750mdfl.sys – (k750mdfl)
DRV - [2005-06-03 12:46:52 | 000,055,216 | R— | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\k750bus.sys – (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005-05-05 01:08:38 | 000,463,168 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ar5211.sys – (AR5211)
DRV - [2005-04-05 20:58:48 | 001,035,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)
DRV - [2005-03-25 14:04:40 | 002,314,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ALCXWDM.SYS – (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-12-15 14:18:30 | 000,200,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSFHWATI.sys – (HSFHWATI)
DRV - [2004-12-15 14:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSF_CNXT.sys – (winachsf)
DRV - [2004-12-15 14:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\HSF_DP.sys – (HSF_DP)
DRV - [2004-12-02 15:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\Rtlnicxp.sys – (RTL8023xp)
DRV - [2004-10-15 11:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\BrScnUsb.sys – (BrScnUsb)
DRV - [2004-08-04 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)
DRV - [2004-08-03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\RTL8139.sys – (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-03-17 10:04:14 | 000,013,059 | ---- | M] (Conexant) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\mdmxsdk.sys – (mdmxsdk)
DRV - [2003-04-28 10:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] – C:\WINDOWS\system32\drivers\HOTKEY.sys – (Hotkey)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.startup.homepage: “http://www.start24.pl/”
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010-01-07 14:26:21 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-07 14:26:21 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009-10-16 19:10:27 | 000,000,000 | —D | M]
[2009-06-22 16:54:13 | 000,000,000 | —D | M] – C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Extensions
[2009-06-22 16:54:13 | 000,000,000 | —D | M] – C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\ahbun58k.default\extensions
[2009-06-22 16:53:59 | 000,000,000 | —D | M] – C:\Program Files\Mozilla Firefox\extensions
[2009-09-02 17:25:08 | 000,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-09-02 17:25:08 | 000,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-09-02 17:25:08 | 000,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-09-02 17:25:08 | 000,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-09-02 17:25:08 | 000,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-09-02 17:25:08 | 000,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2004-08-04 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM…\Run: [] File not found
O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM…\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM…\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM…\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM…\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM…\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe ()
O4 - HKLM…\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron)
O4 - HKLM…\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM…\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O4 - HKCU…\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra ‘Tools’ menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\NPJPI150.dll (Sun Microsystems, Inc.)
O9 - Extra ‘Tools’ menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (MainControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinsta … s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta … s-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh … wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-08-22 16:21:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O33 - MountPoints2{3ce13e0c-3811-11de-90c1-00c0a8ada378}\Shell - “” = AutoRun
O33 - MountPoints2{3ce13e0c-3811-11de-90c1-00c0a8ada378}\Shell\AutoRun\command - “” = G:\AutoRun.exe – File not found
O33 - MountPoints2{3ce13e0f-3811-11de-90c1-00c0a8ada378}\Shell - “” = AutoRun
O33 - MountPoints2{3ce13e0f-3811-11de-90c1-00c0a8ada378}\Shell\AutoRun\command - “” = G:\AutoRun.exe – File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] – “%1” %*
O35 - exefile [open] – “%1” %*
========== Files/Folders - Created Within 30 Days ==========
[2010-02-21 22:55:33 | 000,549,376 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\Karol\Moje dokumenty\OTL.exe
[2010-02-20 18:47:11 | 000,000,000 | RH-D | C] – C:\Documents and Settings\Karol\Recent
[2010-01-23 11:29:31 | 000,000,000 | —D | C] – C:\Documents and Settings\Karol\Moje dokumenty\Any Video Converter
[2010-01-23 11:29:11 | 000,000,000 | —D | C] – C:\Documents and Settings\Karol\Dane aplikacji\AnvSoft
[2010-01-23 11:28:54 | 000,000,000 | —D | C] – C:\Program Files\AnvSoft
[2009-05-03 19:27:00 | 000,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2009-04-30 18:45:57 | 000,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[2007-08-22 16:30:49 | 000,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2007-08-22 16:30:48 | 000,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[9 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2010-02-21 22:55:39 | 000,549,376 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Karol\Moje dokumenty\OTL.exe
[2010-02-21 21:31:51 | 000,000,462 | -H-- | M] () – C:\WINDOWS\tasks\User_Feed_Synchronization-{49CDC26A-CFE9-431E-BD0E-02B6B5674A04}.job
[2010-02-21 15:21:57 | 000,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2010-02-21 15:21:54 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2010-02-20 18:47:17 | 000,000,188 | -HS- | M] () – C:\Documents and Settings\Karol\ntuser.ini
[2010-02-20 18:47:16 | 004,980,736 | -H-- | M] () – C:\Documents and Settings\Karol\NTUSER.DAT
[2010-02-20 12:54:24 | 000,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2010-02-20 12:54:22 | 000,014,848 | ---- | M] () – C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-19 16:51:27 | 000,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2010-02-18 19:54:27 | 000,002,657 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\ACDSee Pro.lnk
[2010-02-01 19:12:35 | 000,000,560 | ---- | M] () – C:\WINDOWS\win.ini
[2010-01-23 11:29:18 | 000,000,799 | ---- | M] () – C:\Documents and Settings\Karol\Pulpit\Any Video Converter.lnk
[9 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files Created - No Company Name ==========
[2010-01-23 11:29:18 | 000,000,799 | ---- | C] () – C:\Documents and Settings\Karol\Pulpit\Any Video Converter.lnk
[2010-01-06 16:45:16 | 000,000,000 | ---- | C] () – C:\WINDOWS\Setup.INI
[2009-11-22 19:44:44 | 000,028,672 | ---- | C] () – C:\WINDOWS\gscr.dll
[2009-11-22 19:27:50 | 000,000,770 | ---- | C] () – C:\WINDOWS\flax.ini
[2009-05-04 20:33:41 | 000,000,000 | ---- | C] () – C:\WINDOWS\Irremote.ini
[2009-05-03 21:38:12 | 000,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2009-05-03 21:38:10 | 000,014,848 | ---- | C] () – C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-04-30 17:42:43 | 000,000,419 | ---- | C] () – C:\WINDOWS\BRWMARK.INI
[2009-04-30 17:42:43 | 000,000,030 | ---- | C] () – C:\WINDOWS\System32\brss01a.ini
[2009-04-30 17:42:43 | 000,000,027 | ---- | C] () – C:\WINDOWS\BRPP2KA.INI
[2009-04-30 17:36:56 | 000,027,019 | ---- | C] () – C:\WINDOWS\maxlink.ini
[2009-04-15 22:00:01 | 000,000,130 | ---- | C] () – C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2007-08-22 18:37:55 | 000,044,544 | ---- | C] () – C:\WINDOWS\System32\Gif89.dll
[2007-08-22 17:13:24 | 000,000,421 | ---- | C] () – C:\WINDOWS\ODBC.INI
[2007-08-22 16:55:51 | 000,009,867 | ---- | C] () – C:\WINDOWS\System32\drivers\HOTKEY.sys
[2007-08-22 16:42:45 | 000,156,672 | ---- | C] () – C:\WINDOWS\System32\RTLCPAPI.dll
[2007-08-22 16:25:40 | 000,000,996 | ---- | C] () – C:\WINDOWS\System32\OEMINFO.INI
[2007-03-29 22:00:40 | 000,203,264 | R— | C] () – C:\WINDOWS\System32\CddbCdda.dll
[2004-01-14 07:46:34 | 000,172,032 | ---- | C] () – C:\WINDOWS\System32\tifmicon.dll
[2002-03-21 14:39:02 | 000,073,728 | ---- | C] () – C:\WINDOWS\System32\UNACEV2.DLL
[2002-03-04 09:16:34 | 000,110,592 | R— | C] () – C:\WINDOWS\System32\Jpeg32.dll
< End of report >
– Dodane 21.02.2010 (N) 23:19 –
Iiiiiii?
pozddawiam…