Logs - Unstable Internet connection


  • Closed: this topic is closed
14 replies in this topic

#1 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 11:10

Hello. Yesterday I had a very high ping; after monitoring the network, the admin determined that some program is constantly connected to the Internet and is downloading as well as sending something without any consent. I scanned the computer with an anti-malware program. It found several trojans and other medium-level threats, but I would like to be sure that I have gotten rid of this junk, so I am asking for my OTL logs to be checked.
However, after continuing to work on the computer, something is still wrong: it keeps sending and downloading something, and the pings are terribly high.

User arekjezior edited this post on 20 11 2011 - 11:19

  • 0

#2 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 11:31

Where is that log?

  • 0

#3 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 11:55

OTL logfile created on: 2011-11-20 10:00:45 - Run 5

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Documents and Settings\arek\Pulpit\Skróty

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 81,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 19,53 Gb Total Space | 2,61 Gb Free Space | 13,38% Space Free | Partition Type: NTFS

Drive D: | 63,47 Gb Total Space | 44,46 Gb Free Space | 70,05% Space Free | Partition Type: NTFS

Drive E: | 66,04 Gb Total Space | 58,42 Gb Free Space | 88,46% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: AREK-12260384B8

Current User Name: arek

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

[color=#E56717]========== Processes (SafeList) ==========[/color]

 

PRC - [2011-11-17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe

PRC - [2011-11-16 12:09:18 | 002,996,784 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe

PRC - [2011-11-10 06:33:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010-08-12 13:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe

PRC - [2010-08-12 13:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe

PRC - [2010-05-19 21:18:49 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek\Pulpit\Skróty\OTL.exe

PRC - [2010-04-04 19:57:49 | 000,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe

PRC - [2010-02-28 01:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

PRC - [2009-12-02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2009-12-02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2009-06-14 02:48:44 | 004,076,544 | ---- | M] (ISecSoft) -- C:\Program Files\Anti Trojan Elite\TJEnder.exe

PRC - [2008-12-12 07:31:10 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007-08-11 15:50:00 | 000,331,264 | ---- | M] () -- C:\Program Files\NetMeter\NetMeter.exe

PRC - [2005-10-25 11:56:00 | 000,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE

PRC - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe

 

 

[color=#E56717]========== Modules (SafeList) ==========[/color]

 

MOD - [2011-09-09 20:19:54 | 000,224,032 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll

MOD - [2010-05-19 21:18:49 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek\Pulpit\Skróty\OTL.exe

MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll

 

 

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

 

SRV - [2011-11-18 06:35:08 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)

SRV - [2011-11-16 12:09:18 | 002,996,784 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)

SRV - [2011-06-08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2010-11-03 22:33:00 | 004,045,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2010-08-12 13:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)

SRV - [2010-08-12 13:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)

SRV - [2010-04-04 19:57:49 | 000,570,880 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)

SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)

SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2010-02-28 01:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)

SRV - [2010-01-09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009-12-02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2009-12-02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

SRV - [2001-10-26 18:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)

 

 

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

 

DRV - [2011-11-02 10:13:28 | 000,034,768 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)

DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)

DRV - [2011-08-28 19:30:03 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)

DRV - [2011-08-28 19:30:03 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)

DRV - [2011-05-25 00:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)

DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)

DRV - [2011-03-25 18:04:38 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2011-02-21 20:16:43 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2010-08-04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)

DRV - [2010-08-03 12:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)

DRV - [2010-07-29 12:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)

DRV - [2010-07-29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2010-07-29 12:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)

DRV - [2010-06-12 08:57:56 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)

DRV - [2010-05-05 08:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)

DRV - [2010-04-08 06:12:47 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)

DRV - [2010-02-11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2009-12-02 21:23:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)

DRV - [2009-12-02 21:23:52 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)

DRV - [2009-12-02 21:23:50 | 000,211,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)

DRV - [2009-12-02 21:23:46 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)

DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009-06-17 14:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)

DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)

DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008-01-21 19:28:08 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)

DRV - [2008-01-21 19:28:04 | 000,021,512 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)

DRV - [2007-09-25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)

DRV - [2007-08-07 10:40:38 | 000,098,944 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2007-07-18 12:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007-06-13 16:47:12 | 000,048,256 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (Jraid)

DRV - [2007-04-04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)

DRV - [2007-04-04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)

DRV - [2007-04-04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)

DRV - [2007-04-04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)

DRV - [2007-04-04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)

DRV - [2007-04-04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)

DRV - [2007-04-04 12:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)

DRV - [2005-10-27 13:34:06 | 000,390,849 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)

 

 

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

 

 

[color=#E56717]========== Internet Explorer ==========[/color]

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

 

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

 

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=Z171&install_date=20110809

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.internetscout.biz/google/?q={searchTerms}

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.pagessyndication.com/google/iesearch.php

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

[color=#E56717]========== FireFox ==========[/color]

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: "Apps-O-Rama Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2758806&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?hl="

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: support@platinumhideip.com:1.0

FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.1

FF - prefs.js..extensions.enabledItems: {073fbacd-9ac2-4e44-8b72-e2dad6810509}:3.6.0.10

FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6

FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.6.0.10

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732

FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76

FF - prefs.js..extensions.enabledItems: {ffbb4527-987f-4a42-bcb5-9d90255d5cc0}:1.3.0

FF - prefs.js..network.proxy.no_proxies_on: ""

FF - prefs.js..network.proxy.socks: "127.0.0.1"

FF - prefs.js..network.proxy.socks_port: 4021

FF - prefs.js..network.proxy.socks_version: 4

 

 

FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\

FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-12-25 15:33:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-08-23 15:19:11 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011-08-09 08:39:47 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-10 06:33:09 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-11-17 17:52:22 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-08-23 15:19:11 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-08-28 19:58:01 | 000,000,000 | ---D | M]

 

[2010-07-19 21:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Extensions

[2010-07-19 21:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Extensions\MediaCoder

[2011-11-07 19:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions

[2011-10-10 19:26:12 | 000,000,000 | ---D | M] (Apps-O-Rama Community Toolbar) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{073fbacd-9ac2-4e44-8b72-e2dad6810509}

[2011-01-13 20:26:17 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}

[2011-11-07 19:45:57 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}

[2011-07-30 08:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\support@platinumhideip.com

[2010-07-15 13:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\zrzuta.eu@gmail.com

[2010-12-24 20:15:07 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\askcom.xml

[2011-08-09 14:38:46 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\bing-zugo.xml

[2011-07-24 14:49:24 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\conduit.xml

[2011-08-10 08:57:11 | 000,001,276 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\search-the-web.xml

[2011-11-10 06:33:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2011-08-09 18:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011-08-10 21:15:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com

[2011-11-10 06:33:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll

[2010-04-12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010-07-27 15:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll

[2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

[2011-09-23 02:36:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2007-07-26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

[2011-09-23 02:36:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2011-09-23 02:36:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2011-09-23 02:36:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2011-09-23 02:36:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2011-09-23 02:36:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

 

O1 HOSTS File: ([2010-06-11 05:04:02 | 000,000,857 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 86.127.71.45 L2authd.lineage2.com

O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found

O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Plugin) - {E887F06F-565D-42e5-AA80-63EB0D465202} - C:\Documents and Settings\All Users\Dane aplikacji\Plugin\Plugin.dll ()

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - Reg Error: Value error. File not found

O3 - HKLM\..\Toolbar: (Pasek &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-781CD0E19F00} - No CLSID value found.

O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (Pasek &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found

O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe  (ISecSoft)

O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)

O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE (Vimicro)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [KernelFaultCheck]  File not found

O4 - HKLM..\Run: [NPSStartup]  File not found

O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe File not found

O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\ESET\UpdateReminder.exe (ESET, spol. s r.o.)

O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: []  File not found

O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)

O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe ()

O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found

O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found

O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found

O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )

O15 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..Trusted Domains: windowsecurity.com ([www] https in Zaufane witryny)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.219.216.1 192.168.1.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp

O32 - HKLM CDRom: AutoRun - 0

O32 - AutoRun File - [2010-02-20 10:36:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

 

[2011-11-19 22:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware

[2011-11-19 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Moje dokumenty\Anti-Malware

[2011-11-19 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Process Security

[2011-11-19 21:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite

[2011-11-19 21:25:23 | 112,185,184 | ---- | C] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\arek\Pulpit\a2FreeSetup.exe

[2011-11-19 21:13:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2011-11-19 21:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue

[2011-11-19 21:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\PackageAware

[2011-11-19 20:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeter

[2011-11-19 20:50:59 | 000,615,355 | ---- | C] (ReadError                                                   ) -- C:\Documents and Settings\arek\Pulpit\NetMeter_v113.exe

[2011-11-19 13:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Moje dokumenty\Pobieranie

[2011-11-17 18:18:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2011-11-17 16:40:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2011-11-17 16:34:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Pulpit\Skróty

[2011-11-10 06:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai

 

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

 

[2011-11-20 09:56:33 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1343024091-682003330-1003.job

[2011-11-20 09:56:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2011-11-20 09:56:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011-11-20 08:26:25 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\arek\NTUSER.DAT

[2011-11-20 08:26:25 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\arek\ntuser.ini

[2011-11-19 22:01:57 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Emsisoft Anti-Malware.lnk

[2011-11-19 21:52:56 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\arek\Pulpit\WindowsProcessSecurity.lnk

[2011-11-19 21:36:58 | 112,185,184 | ---- | M] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\arek\Pulpit\a2FreeSetup.exe

[2011-11-19 21:34:53 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\arek\Pulpit\Anti Trojan Elite.lnk

[2011-11-19 20:51:18 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NetMeter.lnk

[2011-11-19 20:50:59 | 000,615,355 | ---- | M] (ReadError                                                   ) -- C:\Documents and Settings\arek\Pulpit\NetMeter_v113.exe

[2011-11-19 13:27:41 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk

[2011-11-17 20:12:01 | 000,000,913 | ---- | M] () -- C:\WINDOWS\win.ini

[2011-11-17 20:12:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2011-11-17 20:12:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2011-11-17 18:47:00 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\arek\Pulpit\TeamSpeak 3 Client.lnk

[2011-11-17 18:45:46 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk

[2011-11-17 18:12:51 | 000,198,656 | ---- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-11-17 18:12:36 | 000,000,168 | ---- | M] () -- C:\WINDOWS\usdthank.ini

[2011-11-17 17:22:10 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf

[2011-11-13 18:00:27 | 001,420,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011-11-13 17:39:59 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr

[2011-11-13 16:59:59 | 000,019,912 | ---- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2011-11-13 08:05:10 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0

[2011-11-10 20:10:13 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Universal Anticheat 3.lnk

[2011-11-05 17:33:06 | 002,114,244 | -H-- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2011-11-01 09:39:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-1343024091-682003330-1003.job

[2011-10-31 19:35:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011-10-29 17:10:06 | 000,000,101 | ---- | M] () -- C:\WINDOWS\VSWizard.ini

 

[color=#E56717]========== Files Created - No Company Name ==========[/color]

 

[2011-11-19 22:01:57 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Emsisoft Anti-Malware.lnk

[2011-11-19 21:52:56 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\arek\Pulpit\WindowsProcessSecurity.lnk

[2011-11-19 21:34:53 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\arek\Pulpit\Anti Trojan Elite.lnk

[2011-11-19 20:51:18 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NetMeter.lnk

[2011-11-19 13:27:41 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk

[2011-11-17 17:22:10 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf

[2011-09-14 16:14:23 | 000,000,764 | ---- | C] () -- C:\WINDOWS\SPACEWAR.INI

[2011-06-14 18:09:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM0.DLL

[2011-05-25 13:27:36 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2011-03-25 06:59:55 | 000,001,276 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini

[2011-02-17 20:10:16 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini

[2011-02-17 20:10:10 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2011-02-17 20:10:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2011-02-17 20:10:10 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2011-02-17 20:10:10 | 000,000,590 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010-12-25 20:02:36 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2010-12-25 13:10:03 | 000,000,083 | ---- | C] () -- C:\WINDOWS\BsMobileModel.ini

[2010-12-22 15:00:12 | 000,000,545 | ---- | C] () -- C:\WINDOWS\mamba.ini

[2010-12-13 18:14:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM6.DLL

[2010-11-23 20:06:33 | 000,001,074 | ---- | C] () -- C:\WINDOWS\ATICIM.INI

[2010-11-18 18:56:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll

[2010-11-18 18:56:24 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys

[2010-11-18 18:49:43 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI

[2010-10-09 10:52:57 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll

[2010-09-12 19:21:15 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys

[2010-08-26 09:18:03 | 000,000,058 | ---- | C] () -- C:\WINDOWS\2pic.ini

[2010-08-11 17:02:54 | 000,004,587 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini

[2010-06-03 16:38:04 | 000,431,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2010-06-03 10:49:31 | 000,000,168 | ---- | C] () -- C:\WINDOWS\usdthank.ini

[2010-06-03 10:49:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\idc.ini

[2010-05-31 15:16:08 | 000,000,261 | ---- | C] () -- C:\WINDOWS\WPE by elektro255.INI

[2010-05-16 19:57:14 | 000,005,930 | ---- | C] () -- C:\WINDOWS\CDex.INI

[2010-04-08 06:12:47 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys

[2010-04-04 19:57:49 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys

[2010-03-14 18:37:15 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2010-02-21 16:05:31 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010-02-20 18:56:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2010-02-20 13:28:56 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010-02-20 13:19:57 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll

[2010-02-20 11:06:43 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini

[2010-02-20 10:57:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2009-06-17 14:02:46 | 000,029,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys

[2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll

[2008-05-03 08:24:01 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2004-06-09 21:38:01 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\JPeg32.dll

[2000-09-12 11:58:26 | 000,160,256 | ---- | C] () -- C:\WINDOWS\System32\ShrLk21.dll

 

[color=#E56717]========== LOP Check ==========[/color]

 

[2011-02-27 10:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth

[2010-06-03 16:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite

[2010-12-24 21:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy Driver Pro

[2011-06-24 15:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts

[2010-02-20 11:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET

[2010-09-11 07:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios

[2010-07-06 14:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2010-12-24 20:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations

[2010-07-19 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm

[2010-06-24 13:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon

[2010-02-21 08:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU

[2010-02-20 19:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonUS

[2011-02-18 18:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia

[2011-02-13 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache

[2011-07-28 16:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2010-12-25 15:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite

[2011-07-30 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PlatinumHideIP

[2011-08-09 17:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Plugin

[2010-11-18 19:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung

[2011-11-13 16:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spyware Terminator

[2010-12-24 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UAB

[2011-11-10 06:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualizedApplications

[2011-11-19 21:13:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

[2011-07-19 06:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\.minecraft

[2011-07-02 16:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\BitTorrent

[2010-11-27 15:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\BlackBean

[2010-07-19 21:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Broad Intelligence

[2010-12-24 20:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Carambis

[2010-02-23 13:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\COWON

[2010-07-20 18:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Crystal Player

[2010-06-03 16:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\DAEMON Tools Lite

[2011-05-03 21:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Desktop Media Player

[2010-02-20 11:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ESET

[2010-02-20 12:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Gadu-Gadu

[2010-07-06 14:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Gadu-Gadu 10

[2011-07-27 19:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Genieo

[2011-09-18 13:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\GHISLER

[2011-08-01 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ijjigame

[2011-02-26 06:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Need for Speed World

[2011-04-21 16:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nokia

[2011-04-21 16:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nokia Ovi Suite

[2011-06-28 05:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nowe Gadu-Gadu

[2010-07-19 21:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\OpenCandy

[2011-07-28 16:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\OpenFM

[2011-08-11 19:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PBlackout

[2011-02-18 18:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PC Suite

[2011-07-30 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PlatinumHideIP

[2011-08-10 06:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Playrix Entertainment

[2011-11-13 15:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PriceGong

[2011-11-17 18:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Samsung

[2011-05-03 21:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ShareTV

[2011-11-08 18:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\SoftGrid Client

[2010-05-27 17:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Software Informer

[2011-06-25 16:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Sony Online Entertainment

[2011-11-19 20:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Spyware Terminator

[2010-02-24 06:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Teleca

[2010-11-18 18:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Temporary

[2011-09-17 15:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TP

[2010-11-18 18:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TransRender

[2011-05-14 19:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TS3Client

[2010-07-19 18:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\WinAVI

[2010-08-26 09:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\XnView

 

[color=#E56717]========== Purity Check ==========[/color]

 

 

< End of report >


User arekjezior edited this post 20 11 2011 - 12:07

  • 0

#4 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 12:49

I don't see any infection here.
Cosmetic cleanup:
Run OTL and paste the following into the "Własne opcje skanowania/Script" (custom scan options/script) box:

:OTL
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Pasek &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-781CD0E19F00} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (Pasek &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O3 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe File not found
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [] File not found
[2010-12-24 20:15:07 | 000,002,424 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\askcom.xml
[2011-07-24 14:49:24 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\conduit.xml
[2011-08-10 08:57:11 | 000,001,276 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\search-the-web.xml
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found

:Commands
[emptyflash]
[emptytemp]

Click "Wykonaj Script" (run script). Confirm the computer restart. Save the report that appears after the restart.
Then run OTL again, this time clicking "Skanuj" (scan).
Post the new OTL.txt log and the removal report.

.
  • 1

#5 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 13:02

Report:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-5736-4205-0008-781CD0E19F00} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-5736-4205-0008-781CD0E19F00}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TNOD UP deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\search-the-web.xml moved successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry value HKEY_USERS\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: Administrator
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: arek
->Flash cache emptied: 857 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: All Users
 
User: arek
->Temp folder emptied: 4898016 bytes
->Temporary Internet Files folder emptied: 1383621 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34578506 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 233384 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 39,00 mb
 
 
OTL by OldTimer - Version 3.2.5.0 log created on 11202011_115355

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_854.dat not found!

Registry entries deleted on Reboot...


New scan:

OTL logfile created on: 2011-11-20 11:58:17 - Run 6
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Documents and Settings\arek\Pulpit\Skróty
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 2,79 Gb Free Space | 14,28% Space Free | Partition Type: NTFS
Drive D: | 63,47 Gb Total Space | 44,47 Gb Free Space | 70,06% Space Free | Partition Type: NTFS
Drive E: | 66,04 Gb Total Space | 58,42 Gb Free Space | 88,46% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: AREK-12260384B8
Current User Name: arek
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011-11-17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
PRC - [2011-11-16 12:09:18 | 002,996,784 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2011-11-10 06:33:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-11-10 06:33:07 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-08-12 13:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-08-12 13:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010-05-19 21:18:49 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek\Pulpit\Skróty\OTL.exe
PRC - [2010-04-04 19:57:49 | 000,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010-02-28 01:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009-12-02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009-12-02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008-12-12 07:31:10 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-08-11 15:50:00 | 000,331,264 | ---- | M] () -- C:\Program Files\NetMeter\NetMeter.exe
PRC - [2005-10-25 11:56:00 | 000,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE
PRC - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011-09-09 20:19:54 | 000,224,032 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010-05-19 21:18:49 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek\Pulpit\Skróty\OTL.exe
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011-11-18 06:35:08 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011-11-16 12:09:18 | 002,996,784 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011-06-08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-11-03 22:33:00 | 004,045,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-08-12 13:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-08-12 13:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-04-04 19:57:49 | 000,570,880 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-28 01:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2010-01-09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009-12-02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009-12-02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2001-10-26 18:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011-11-02 10:13:28 | 000,034,768 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011-08-28 19:30:03 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2011-08-28 19:30:03 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2011-05-25 00:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2011-03-25 18:04:38 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-02-21 20:16:43 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-08-04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-08-03 12:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010-07-29 12:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-07-29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-07-29 12:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-06-12 08:57:56 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-05-05 08:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2010-04-08 06:12:47 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2010-02-11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-12-02 21:23:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2009-12-02 21:23:52 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2009-12-02 21:23:50 | 000,211,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2009-12-02 21:23:46 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-06-17 14:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-01-21 19:28:08 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008-01-21 19:28:04 | 000,021,512 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2007-09-25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007-08-07 10:40:38 | 000,098,944 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-07-18 12:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-06-13 16:47:12 | 000,048,256 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (Jraid)
DRV - [2007-04-04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)
DRV - [2007-04-04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007-04-04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)
DRV - [2007-04-04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007-04-04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2007-04-04 12:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2005-10-27 13:34:06 | 000,390,849 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=Z171&install_date=20110809
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.internetscout.biz/google/?q={searchTerms}
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.pagessyndication.com/google/iesearch.php
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Apps-O-Rama Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2758806&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?hl="
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: support@platinumhideip.com:1.0
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.1
FF - prefs.js..extensions.enabledItems: {073fbacd-9ac2-4e44-8b72-e2dad6810509}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.6.0.10
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..extensions.enabledItems: {ffbb4527-987f-4a42-bcb5-9d90255d5cc0}:1.3.0
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 4021
FF - prefs.js..network.proxy.socks_version: 4
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-12-25 15:33:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-08-23 15:19:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011-08-09 08:39:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-10 06:33:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-11-17 17:52:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-08-23 15:19:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-08-28 19:58:01 | 000,000,000 | ---D | M]
 
[2010-07-19 21:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Extensions
[2010-07-19 21:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Extensions\MediaCoder
[2011-11-07 19:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions
[2011-10-10 19:26:12 | 000,000,000 | ---D | M] (Apps-O-Rama Community Toolbar) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{073fbacd-9ac2-4e44-8b72-e2dad6810509}
[2011-01-13 20:26:17 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011-11-07 19:45:57 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011-07-30 08:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\support@platinumhideip.com
[2010-07-15 13:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\zrzuta.eu@gmail.com
[2011-08-09 14:38:46 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\bing-zugo.xml
[2011-11-10 06:33:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-09 18:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-08-10 21:15:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2011-11-10 06:33:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010-04-12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-07-27 15:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011-09-23 02:36:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2007-07-26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011-09-23 02:36:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-09-23 02:36:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-09-23 02:36:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-09-23 02:36:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-09-23 02:36:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2011-11-20 10:26:08 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Plugin) - {E887F06F-565D-42e5-AA80-63EB0D465202} - C:\Documents and Settings\All Users\Dane aplikacji\Plugin\Plugin.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe  (ISecSoft)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\ESET\UpdateReminder.exe (ESET, spol. s r.o.)
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe ()
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )
O15 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..Trusted Domains: windowsecurity.com ([www] https in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.219.216.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010-02-20 10:36:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011-11-19 22:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011-11-19 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Moje dokumenty\Anti-Malware
[2011-11-19 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Process Security
[2011-11-19 21:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2011-11-19 21:25:23 | 112,185,184 | ---- | C] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\arek\Pulpit\a2FreeSetup.exe
[2011-11-19 21:13:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011-11-19 21:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011-11-19 21:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-11-19 20:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeter
[2011-11-19 20:50:59 | 000,615,355 | ---- | C] (ReadError                                                   ) -- C:\Documents and Settings\arek\Pulpit\NetMeter_v113.exe
[2011-11-19 13:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Moje dokumenty\Pobieranie
[2011-11-17 18:18:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-11-17 16:40:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-11-17 16:34:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Pulpit\Skróty
[2011-11-10 06:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai
 
========== Files - Modified Within 30 Days ==========
 
[2011-11-20 11:55:34 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1343024091-682003330-1003.job
[2011-11-20 11:55:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-11-20 11:55:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-11-20 11:54:18 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\arek\NTUSER.DAT
[2011-11-20 11:54:18 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\arek\ntuser.ini
[2011-11-20 10:26:08 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-11-20 10:25:37 | 000,568,928 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-11-20 10:25:37 | 000,505,306 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-11-20 10:25:37 | 000,110,894 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-11-20 10:25:37 | 000,088,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-11-20 10:25:36 | 001,292,062 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-11-19 21:36:58 | 112,185,184 | ---- | M] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\arek\Pulpit\a2FreeSetup.exe
[2011-11-19 20:51:18 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NetMeter.lnk
[2011-11-19 20:50:59 | 000,615,355 | ---- | M] (ReadError                                                   ) -- C:\Documents and Settings\arek\Pulpit\NetMeter_v113.exe
[2011-11-19 13:27:41 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk
[2011-11-17 20:12:01 | 000,000,913 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-11-17 20:12:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-11-17 20:12:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-11-17 18:47:00 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\arek\Pulpit\TeamSpeak 3 Client.lnk
[2011-11-17 18:45:46 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2011-11-17 18:12:51 | 000,198,656 | ---- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-17 18:12:36 | 000,000,168 | ---- | M] () -- C:\WINDOWS\usdthank.ini
[2011-11-17 17:22:10 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011-11-13 18:00:27 | 001,420,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-13 17:39:59 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011-11-13 16:59:59 | 000,019,912 | ---- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-11-13 08:05:10 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011-11-10 20:10:13 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Universal Anticheat 3.lnk
[2011-11-05 17:33:06 | 002,114,244 | -H-- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-11-01 09:39:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-1343024091-682003330-1003.job
[2011-10-31 19:35:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-10-29 17:10:06 | 000,000,101 | ---- | M] () -- C:\WINDOWS\VSWizard.ini
 
========== Files Created - No Company Name ==========
 
[2011-11-19 20:51:18 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NetMeter.lnk
[2011-11-19 13:27:41 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk
[2011-11-17 17:22:10 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011-09-14 16:14:23 | 000,000,764 | ---- | C] () -- C:\WINDOWS\SPACEWAR.INI
[2011-06-14 18:09:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM0.DLL
[2011-05-25 13:27:36 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-03-25 06:59:55 | 000,001,276 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011-02-17 20:10:16 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-02-17 20:10:10 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-02-17 20:10:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-02-17 20:10:10 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-02-17 20:10:10 | 000,000,590 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-12-25 20:02:36 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-12-25 13:10:03 | 000,000,083 | ---- | C] () -- C:\WINDOWS\BsMobileModel.ini
[2010-12-22 15:00:12 | 000,000,545 | ---- | C] () -- C:\WINDOWS\mamba.ini
[2010-12-13 18:14:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM6.DLL
[2010-11-23 20:06:33 | 000,001,074 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010-11-18 18:56:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-11-18 18:56:24 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-11-18 18:49:43 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2010-10-09 10:52:57 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2010-09-12 19:21:15 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2010-08-26 09:18:03 | 000,000,058 | ---- | C] () -- C:\WINDOWS\2pic.ini
[2010-08-11 17:02:54 | 000,004,587 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2010-06-03 16:38:04 | 000,431,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-06-03 10:49:31 | 000,000,168 | ---- | C] () -- C:\WINDOWS\usdthank.ini
[2010-06-03 10:49:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\idc.ini
[2010-05-31 15:16:08 | 000,000,261 | ---- | C] () -- C:\WINDOWS\WPE by elektro255.INI
[2010-05-16 19:57:14 | 000,005,930 | ---- | C] () -- C:\WINDOWS\CDex.INI
[2010-04-08 06:12:47 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2010-04-04 19:57:49 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010-03-14 18:37:15 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010-02-21 16:05:31 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010-02-20 18:56:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-20 13:28:56 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-20 13:19:57 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2010-02-20 11:06:43 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2010-02-20 10:57:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-06-17 14:02:46 | 000,029,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2008-05-03 08:24:01 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004-06-09 21:38:01 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\JPeg32.dll
[2000-09-12 11:58:26 | 000,160,256 | ---- | C] () -- C:\WINDOWS\System32\ShrLk21.dll
 
========== LOP Check ==========
 
[2011-02-27 10:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2010-06-03 16:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-12-24 21:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy Driver Pro
[2011-06-24 15:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-02-20 11:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-09-11 07:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2010-07-06 14:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-12-24 20:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-07-19 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-06-24 13:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2010-02-21 08:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2010-02-20 19:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonUS
[2011-02-18 18:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-02-13 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2011-07-28 16:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-12-25 15:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-07-30 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PlatinumHideIP
[2011-08-09 17:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Plugin
[2010-11-18 19:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-11-13 16:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spyware Terminator
[2010-12-24 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UAB
[2011-11-10 06:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualizedApplications
[2011-11-19 21:13:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011-07-19 06:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\.minecraft
[2011-07-02 16:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\BitTorrent
[2010-11-27 15:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\BlackBean
[2010-07-19 21:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Broad Intelligence
[2010-12-24 20:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Carambis
[2010-02-23 13:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\COWON
[2010-07-20 18:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Crystal Player
[2010-06-03 16:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\DAEMON Tools Lite
[2011-05-03 21:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Desktop Media Player
[2010-02-20 11:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ESET
[2010-02-20 12:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Gadu-Gadu
[2010-07-06 14:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Gadu-Gadu 10
[2011-07-27 19:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Genieo
[2011-09-18 13:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\GHISLER
[2011-08-01 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ijjigame
[2011-02-26 06:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Need for Speed World
[2011-04-21 16:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nokia
[2011-04-21 16:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nokia Ovi Suite
[2011-06-28 05:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nowe Gadu-Gadu
[2010-07-19 21:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\OpenCandy
[2011-07-28 16:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\OpenFM
[2011-08-11 19:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PBlackout
[2011-02-18 18:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PC Suite
[2011-07-30 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PlatinumHideIP
[2011-08-10 06:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Playrix Entertainment
[2011-11-13 15:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PriceGong
[2011-11-17 18:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Samsung
[2011-05-03 21:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ShareTV
[2011-11-08 18:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\SoftGrid Client
[2010-05-27 17:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Software Informer
[2011-06-25 16:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Sony Online Entertainment
[2011-11-19 20:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Spyware Terminator
[2010-02-24 06:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Teleca
[2010-11-18 18:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Temporary
[2011-09-17 15:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TP
[2010-11-18 18:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TransRender
[2011-05-14 19:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TS3Client
[2010-07-19 18:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\WinAVI
[2010-08-26 09:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\XnView
 
========== Purity Check ==========
 
 
< End of report >
PRC - [2011-11-17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
PRC - [2011-11-16 12:09:18 | 002,996,784 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2011-11-10 06:33:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-11-10 06:33:07 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-08-12 13:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010-08-12 13:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010-05-19 21:18:49 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek\Pulpit\Skróty\OTL.exe
PRC - [2010-04-04 19:57:49 | 000,570,880 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010-02-28 01:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009-12-02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009-12-02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008-12-12 07:31:10 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-08-11 15:50:00 | 000,331,264 | ---- | M] () -- C:\Program Files\NetMeter\NetMeter.exe
PRC - [2005-10-25 11:56:00 | 000,061,440 | ---- | M] (Vimicro) -- C:\WINDOWS\VM303_STI.EXE
PRC - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011-09-09 20:19:54 | 000,224,032 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010-05-19 21:18:49 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\arek\Pulpit\Skróty\OTL.exe
MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011-11-18 06:35:08 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011-11-16 12:09:18 | 002,996,784 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011-06-08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-11-03 22:33:00 | 004,045,280 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010-08-12 13:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010-08-12 13:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2010-04-04 19:57:49 | 000,570,880 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-02-28 01:33:14 | 000,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2010-01-09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009-12-02 21:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009-12-02 21:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2004-09-29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2001-10-26 18:30:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (.EsetTrialReset)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011-11-02 10:13:28 | 000,034,768 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver)
DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011-08-28 19:30:03 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2011-08-28 19:30:03 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2011-05-25 00:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2011-03-25 18:04:38 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-02-21 20:16:43 | 000,025,544 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010-08-04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-08-03 12:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2010-07-29 12:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-07-29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-07-29 12:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-06-12 08:57:56 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2010-05-05 08:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys -- (a2util)
DRV - [2010-04-08 06:12:47 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2010-02-11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009-12-02 21:23:52 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2009-12-02 21:23:52 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2009-12-02 21:23:50 | 000,211,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2009-12-02 21:23:46 | 000,554,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2009-11-02 09:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-06-17 14:02:46 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-05-02 07:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\si3112.sys -- (Si3112)
DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-01-21 19:28:08 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008-01-21 19:28:04 | 000,021,512 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2007-09-25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007-08-07 10:40:38 | 000,098,944 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-07-18 12:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-06-13 16:47:12 | 000,048,256 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (Jraid)
DRV - [2007-04-04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)
DRV - [2007-04-04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007-04-04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)
DRV - [2007-04-04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007-04-04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)
DRV - [2007-04-04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2007-04-04 12:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2005-10-27 13:34:06 | 000,390,849 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=Z171&install_date=20110809
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.internetscout.biz/google/?q={searchTerms}
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.pagessyndication.com/google/iesearch.php
IE - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Apps-O-Rama Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2758806&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig?hl="
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: support@platinumhideip.com:1.0
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.1
FF - prefs.js..extensions.enabledItems: {073fbacd-9ac2-4e44-8b72-e2dad6810509}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.6.0.10
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..extensions.enabledItems: {ffbb4527-987f-4a42-bcb5-9d90255d5cc0}:1.3.0
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 4021
FF - prefs.js..network.proxy.socks_version: 4
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\
FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010-12-25 15:33:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011-08-23 15:19:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [2011-08-09 08:39:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-11-10 06:33:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-11-17 17:52:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011-08-23 15:19:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-08-28 19:58:01 | 000,000,000 | ---D | M]
 
[2010-07-19 21:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Extensions
[2010-07-19 21:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Extensions\MediaCoder
[2011-11-07 19:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions
[2011-10-10 19:26:12 | 000,000,000 | ---D | M] (Apps-O-Rama Community Toolbar) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{073fbacd-9ac2-4e44-8b72-e2dad6810509}
[2011-01-13 20:26:17 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011-11-07 19:45:57 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011-07-30 08:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\support@platinumhideip.com
[2010-07-15 13:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\extensions\zrzuta.eu@gmail.com
[2011-08-09 14:38:46 | 000,001,945 | ---- | M] () -- C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Profiles\k16rlsym.default\searchplugins\bing-zugo.xml
[2011-11-10 06:33:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-09 18:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-08-10 21:15:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2011-11-10 06:33:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010-04-12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-07-27 15:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011-09-23 02:36:11 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2007-07-26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011-09-23 02:36:11 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-09-23 02:36:11 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-09-23 02:36:11 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-09-23 02:36:11 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-09-23 02:36:11 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2011-11-20 10:26:08 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Plugin) - {E887F06F-565D-42e5-AA80-63EB0D465202} - C:\Documents and Settings\All Users\Dane aplikacji\Plugin\Plugin.dll ()
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe  (ISecSoft)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateReminder] C:\Program Files\ESET\UpdateReminder.exe (ESET, spol. s r.o.)
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe ()
O4 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [nltide_2]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [nltide_2]  File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )
O15 - HKU\S-1-5-21-1454471165-1343024091-682003330-1003\..Trusted Domains: windowsecurity.com ([www] https in Zaufane witryny)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.219.216.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\arek\Dane aplikacji\Mozilla\Firefox\Tapeta pulpitu.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010-02-20 10:36:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011-11-19 22:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2011-11-19 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Moje dokumenty\Anti-Malware
[2011-11-19 21:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Process Security
[2011-11-19 21:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Anti Trojan Elite
[2011-11-19 21:25:23 | 112,185,184 | ---- | C] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\arek\Pulpit\a2FreeSetup.exe
[2011-11-19 21:13:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011-11-19 21:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011-11-19 21:13:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\PackageAware
[2011-11-19 20:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeter
[2011-11-19 20:50:59 | 000,615,355 | ---- | C] (ReadError                                                   ) -- C:\Documents and Settings\arek\Pulpit\NetMeter_v113.exe
[2011-11-19 13:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Moje dokumenty\Pobieranie
[2011-11-17 18:18:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011-11-17 16:40:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011-11-17 16:34:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Pulpit\Skróty
[2011-11-10 06:33:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai
 
========== Files - Modified Within 30 Days ==========
 
[2011-11-20 11:55:34 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1343024091-682003330-1003.job
[2011-11-20 11:55:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2011-11-20 11:55:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011-11-20 11:54:18 | 010,485,760 | -H-- | M] () -- C:\Documents and Settings\arek\NTUSER.DAT
[2011-11-20 11:54:18 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\arek\ntuser.ini
[2011-11-20 10:26:08 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011-11-20 10:25:37 | 000,568,928 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2011-11-20 10:25:37 | 000,505,306 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011-11-20 10:25:37 | 000,110,894 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2011-11-20 10:25:37 | 000,088,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011-11-20 10:25:36 | 001,292,062 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2011-11-19 21:36:58 | 112,185,184 | ---- | M] (Emsi Software GmbH                                          ) -- C:\Documents and Settings\arek\Pulpit\a2FreeSetup.exe
[2011-11-19 20:51:18 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\NetMeter.lnk
[2011-11-19 20:50:59 | 000,615,355 | ---- | M] (ReadError                                                   ) -- C:\Documents and Settings\arek\Pulpit\NetMeter_v113.exe
[2011-11-19 13:27:41 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk
[2011-11-17 20:12:01 | 000,000,913 | ---- | M] () -- C:\WINDOWS\win.ini
[2011-11-17 20:12:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2011-11-17 20:12:01 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011-11-17 18:47:00 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\arek\Pulpit\TeamSpeak 3 Client.lnk
[2011-11-17 18:45:46 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2011-11-17 18:12:51 | 000,198,656 | ---- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-17 18:12:36 | 000,000,168 | ---- | M] () -- C:\WINDOWS\usdthank.ini
[2011-11-17 17:22:10 | 000,000,230 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011-11-13 18:00:27 | 001,420,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-13 17:39:59 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011-11-13 16:59:59 | 000,019,912 | ---- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2011-11-13 08:05:10 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011-11-10 20:10:13 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Universal Anticheat 3.lnk
[2011-11-05 17:33:06 | 002,114,244 | -H-- | M] () -- C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2011-11-01 09:39:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-1343024091-682003330-1003.job
[2011-10-31 19:35:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011-10-29 17:10:06 | 000,000,101 | ---- | M] () -- C:\WINDOWS\VSWizard.ini
 
========== Files Created - No Company Name ==========
 
[2011-11-19 20:51:18 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\NetMeter.lnk
[2011-11-19 13:27:41 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Need For Speed World.lnk
[2011-11-17 17:22:10 | 000,000,230 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2011-09-14 16:14:23 | 000,000,764 | ---- | C] () -- C:\WINDOWS\SPACEWAR.INI
[2011-06-14 18:09:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM0.DLL
[2011-05-25 13:27:36 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011-03-25 06:59:55 | 000,001,276 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2011-02-17 20:10:16 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-02-17 20:10:10 | 000,810,496 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-02-17 20:10:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-02-17 20:10:10 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-02-17 20:10:10 | 000,000,590 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010-12-25 20:02:36 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010-12-25 13:10:03 | 000,000,083 | ---- | C] () -- C:\WINDOWS\BsMobileModel.ini
[2010-12-22 15:00:12 | 000,000,545 | ---- | C] () -- C:\WINDOWS\mamba.ini
[2010-12-13 18:14:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM6.DLL
[2010-11-23 20:06:33 | 000,001,074 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010-11-18 18:56:24 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010-11-18 18:56:24 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010-11-18 18:49:43 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2010-10-09 10:52:57 | 000,024,576 | ---- | C] () -- C:\WINDOWS\VMPipe.dll
[2010-09-12 19:21:15 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2010-08-26 09:18:03 | 000,000,058 | ---- | C] () -- C:\WINDOWS\2pic.ini
[2010-08-11 17:02:54 | 000,004,587 | ---- | C] () -- C:\WINDOWS\hpdj3500.ini
[2010-06-03 16:38:04 | 000,431,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010-06-03 10:49:31 | 000,000,168 | ---- | C] () -- C:\WINDOWS\usdthank.ini
[2010-06-03 10:49:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\idc.ini
[2010-05-31 15:16:08 | 000,000,261 | ---- | C] () -- C:\WINDOWS\WPE by elektro255.INI
[2010-05-16 19:57:14 | 000,005,930 | ---- | C] () -- C:\WINDOWS\CDex.INI
[2010-04-08 06:12:47 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2010-04-04 19:57:49 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010-03-14 18:37:15 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010-02-21 16:05:31 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010-02-20 18:56:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010-02-20 13:28:56 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010-02-20 13:19:57 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2010-02-20 11:06:43 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2010-02-20 10:57:13 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009-06-17 14:02:46 | 000,029,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\btnetBus.sys
[2008-05-04 17:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2008-05-03 08:24:01 | 000,000,082 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004-06-09 21:38:01 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\JPeg32.dll
[2000-09-12 11:58:26 | 000,160,256 | ---- | C] () -- C:\WINDOWS\System32\ShrLk21.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-02-27 10:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Bluetooth
[2010-06-03 16:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-12-24 21:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy Driver Pro
[2011-06-24 15:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts
[2010-02-20 11:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2010-09-11 07:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Firefly Studios
[2010-07-06 14:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-12-24 20:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-07-19 14:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Last.fm
[2010-06-24 13:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nexon
[2010-02-21 08:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonEU
[2010-02-20 19:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NexonUS
[2011-02-18 18:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia
[2011-02-13 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache
[2011-07-28 16:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-12-25 15:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2011-07-30 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PlatinumHideIP
[2011-08-09 17:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Plugin
[2010-11-18 19:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Samsung
[2011-11-13 16:35:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spyware Terminator
[2010-12-24 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\UAB
[2011-11-10 06:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualizedApplications
[2011-11-19 21:13:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011-07-19 06:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\.minecraft
[2011-07-02 16:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\BitTorrent
[2010-11-27 15:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\BlackBean
[2010-07-19 21:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Broad Intelligence
[2010-12-24 20:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Carambis
[2010-02-23 13:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\COWON
[2010-07-20 18:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Crystal Player
[2010-06-03 16:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\DAEMON Tools Lite
[2011-05-03 21:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Desktop Media Player
[2010-02-20 11:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ESET
[2010-02-20 12:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Gadu-Gadu
[2010-07-06 14:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Gadu-Gadu 10
[2011-07-27 19:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Genieo
[2011-09-18 13:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\GHISLER
[2011-08-01 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ijjigame
[2011-02-26 06:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Need for Speed World
[2011-04-21 16:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nokia
[2011-04-21 16:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nokia Ovi Suite
[2011-06-28 05:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Nowe Gadu-Gadu
[2010-07-19 21:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\OpenCandy
[2011-07-28 16:42:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\OpenFM
[2011-08-11 19:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PBlackout
[2011-02-18 18:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PC Suite
[2011-07-30 08:12:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PlatinumHideIP
[2011-08-10 06:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Playrix Entertainment
[2011-11-13 15:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\PriceGong
[2011-11-17 18:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Samsung
[2011-05-03 21:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\ShareTV
[2011-11-08 18:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\SoftGrid Client
[2010-05-27 17:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Software Informer
[2011-06-25 16:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Sony Online Entertainment
[2011-11-19 20:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Spyware Terminator
[2010-02-24 06:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Teleca
[2010-11-18 18:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\Temporary
[2011-09-17 15:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TP
[2010-11-18 18:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TransRender
[2011-05-14 19:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\TS3Client
[2010-07-19 18:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\WinAVI
[2010-08-26 09:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\arek\Dane aplikacji\XnView
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

User arekjezior edited this post 20 11 2011 - 13:03


#6 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 13:10

OK, the cosmetic cleanup has been done.

#7 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 13:13

Unfortunately, the ping has not dropped. It still stays in the 300-500 range. What could it be?

#8 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 14:21

What does your antivirus detect, and where?

We can also check whether you have a rootkit in the hard disk's MBR:
1) Post the log from MBRCheck
2) Post the log from TDSSKiller

#9 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 14:44

The antivirus does not detect anything else.

TDS Killer:

13:40:42.0609 3228	TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
13:40:44.0609 3228	============================================================
13:40:44.0609 3228	Current date / time: 2011/11/20 13:40:44.0609
13:40:44.0609 3228	SystemInfo:
13:40:44.0609 3228	
13:40:44.0609 3228	OS Version: 5.1.2600 ServicePack: 3.0
13:40:44.0609 3228	Product type: Workstation
13:40:44.0609 3228	ComputerName: AREK-12260384B8
13:40:44.0609 3228	UserName: arek
13:40:44.0609 3228	Windows directory: C:\WINDOWS
13:40:44.0609 3228	System windows directory: C:\WINDOWS
13:40:44.0609 3228	Processor architecture: Intel x86
13:40:44.0609 3228	Number of processors: 2
13:40:44.0609 3228	Page size: 0x1000
13:40:44.0609 3228	Boot type: Normal boot
13:40:44.0609 3228	============================================================
13:40:45.0546 3228	Initialize success
13:40:46.0937 3304	============================================================
13:40:46.0937 3304	Scan started
13:40:46.0937 3304	Mode: Manual; 
13:40:46.0937 3304	============================================================
13:40:47.0953 3304	a2acc           (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
13:40:47.0953 3304	a2acc - ok
13:40:47.0968 3304	A2DDA           (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
13:40:47.0968 3304	A2DDA - ok
13:40:47.0984 3304	a2injectiondriver (23aac49133765eeaa86a65452d21ef1c) C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
13:40:47.0984 3304	a2injectiondriver - ok
13:40:47.0984 3304	a2util          (2da26eb05b5495d3b2ee36456c239fb7) C:\Program Files\Emsisoft Anti-Malware\a2util32.sys
13:40:47.0984 3304	a2util - ok
13:40:48.0078 3304	Abiosdsk - ok
13:40:48.0078 3304	abp480n5 - ok
13:40:48.0109 3304	ACPI            (05118282f5d039595a2b92b4a4afe197) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:40:48.0109 3304	ACPI - ok
13:40:48.0140 3304	ACPIEC          (66a42b7db194e24b973bbcce840a0f3f) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:40:48.0140 3304	ACPIEC - ok
13:40:48.0140 3304	adpu160m - ok
13:40:48.0171 3304	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:40:48.0171 3304	aec - ok
13:40:48.0203 3304	AFD             (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
13:40:48.0203 3304	AFD - ok
13:40:48.0218 3304	Aha154x - ok
13:40:48.0218 3304	aic78u2 - ok
13:40:48.0234 3304	aic78xx - ok
13:40:48.0234 3304	AliIde - ok
13:40:48.0265 3304	AMON            (687c3f2e78aeb209ade1cc265a2560bb) C:\WINDOWS\system32\drivers\amon.sys
13:40:48.0281 3304	AMON - ok
13:40:48.0281 3304	amsint - ok
13:40:48.0296 3304	asc - ok
13:40:48.0296 3304	asc3350p - ok
13:40:48.0296 3304	asc3550 - ok
13:40:48.0328 3304	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:40:48.0328 3304	AsyncMac - ok
13:40:48.0343 3304	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:40:48.0343 3304	atapi - ok
13:40:48.0343 3304	Atdisk - ok
13:40:48.0359 3304	ATE_PROCMON - ok
13:40:48.0500 3304	ati2mtag        (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:40:48.0515 3304	ati2mtag - ok
13:40:48.0546 3304	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:40:48.0546 3304	Atmarpc - ok
13:40:48.0578 3304	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:40:48.0578 3304	audstub - ok
13:40:48.0578 3304	axsaki - ok
13:40:48.0593 3304	axskbus - ok
13:40:48.0609 3304	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:40:48.0609 3304	Beep - ok
13:40:48.0609 3304	BlueletAudio - ok
13:40:48.0625 3304	BlueletSCOAudio - ok
13:40:48.0625 3304	BT - ok
13:40:48.0640 3304	Btcsrusb - ok
13:40:48.0671 3304	BtHidBus        (fcf500c9e89e193e038dcfcdba6aa032) C:\WINDOWS\system32\Drivers\BtHidBus.sys
13:40:48.0671 3304	BtHidBus - ok
13:40:48.0687 3304	BTHidEnum - ok
13:40:48.0703 3304	BTHidMgr - ok
13:40:48.0718 3304	btnetBUs        (6783c5c81bfb640469468a80dfa1ccb3) C:\WINDOWS\system32\Drivers\btnetBus.sys
13:40:48.0718 3304	btnetBUs - ok
13:40:48.0734 3304	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:40:48.0734 3304	cbidf2k - ok
13:40:48.0750 3304	CCDECODE        (fdc06e2ada8c468ebb161624e03976cf) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:40:48.0750 3304	CCDECODE - ok
13:40:48.0765 3304	cd20xrnt - ok
13:40:48.0765 3304	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:40:48.0765 3304	Cdaudio - ok
13:40:48.0781 3304	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:40:48.0781 3304	Cdfs - ok
13:40:48.0796 3304	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:40:48.0796 3304	Cdrom - ok
13:40:48.0812 3304	Changer - ok
13:40:48.0828 3304	CmdIde - ok
13:40:48.0843 3304	Cpqarray - ok
13:40:48.0921 3304	CrystalSysInfo  (f054744f67576a01139885173392502b) C:\Program Files\MediaCoder\SysInfo.sys
13:40:48.0921 3304	CrystalSysInfo - ok
13:40:48.0921 3304	dac2w2k - ok
13:40:48.0937 3304	dac960nt - ok
13:40:48.0937 3304	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:40:48.0937 3304	Disk - ok
13:40:48.0968 3304	dmboot          (bc9219abc5696942e6f9ac8a9b28670f) C:\WINDOWS\system32\drivers\dmboot.sys
13:40:48.0968 3304	dmboot - ok
13:40:48.0984 3304	dmio            (5fa232e3ba6e1346f9f5a7e519320cb0) C:\WINDOWS\system32\drivers\dmio.sys
13:40:48.0984 3304	dmio - ok
13:40:49.0000 3304	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:40:49.0000 3304	dmload - ok
13:40:49.0015 3304	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:40:49.0015 3304	DMusic - ok
13:40:49.0046 3304	dpti2o - ok
13:40:49.0078 3304	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:40:49.0078 3304	drmkaud - ok
13:40:49.0093 3304	EagleNT - ok
13:40:49.0093 3304	EagleXNt - ok
13:40:49.0125 3304	eamon           (1ceb779239965000b8f6adee17d4515b) C:\WINDOWS\system32\DRIVERS\eamon.sys
13:40:49.0125 3304	eamon - ok
13:40:49.0140 3304	ehdrv           (7d300a43a7bd8769e0f901bf9e1ae367) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
13:40:49.0140 3304	ehdrv - ok
13:40:49.0156 3304	epfw            (15bfe00f030ea20955117bb0677e9668) C:\WINDOWS\system32\DRIVERS\epfw.sys
13:40:49.0156 3304	epfw - ok
13:40:49.0187 3304	Epfwndis        (52310e0e603d7da79ecca7d764937a91) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
13:40:49.0187 3304	Epfwndis - ok
13:40:49.0187 3304	epfwtdi         (bdde7dd8fcdb1de7e879bb320b0605c0) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
13:40:49.0187 3304	epfwtdi - ok
13:40:49.0218 3304	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:40:49.0218 3304	Fastfat - ok
13:40:49.0234 3304	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:40:49.0234 3304	Fdc - ok
13:40:49.0250 3304	Fips            (09e2a4d33f81a06a8aab2ba0a0b5d235) C:\WINDOWS\system32\drivers\Fips.sys
13:40:49.0250 3304	Fips - ok
13:40:49.0250 3304	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:40:49.0250 3304	Flpydisk - ok
13:40:49.0281 3304	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:40:49.0281 3304	FltMgr - ok
13:40:49.0296 3304	FsUsbExDisk     (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
13:40:49.0296 3304	FsUsbExDisk - ok
13:40:49.0328 3304	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:40:49.0328 3304	Fs_Rec - ok
13:40:49.0343 3304	Ftdisk          (ed6d921d8ab423138fb35beee6d6a6cb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:40:49.0343 3304	Ftdisk - ok
13:40:49.0359 3304	gdrv            (54789f9ba0d59072cdd4e7c200e122c4) C:\WINDOWS\gdrv.sys
13:40:49.0359 3304	gdrv - ok
13:40:49.0375 3304	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:40:49.0375 3304	Gpc - ok
13:40:49.0406 3304	hamachi         (64b48a0d899deca24c424a2cac3ecffa) C:\WINDOWS\system32\DRIVERS\hamachi.sys
13:40:49.0406 3304	hamachi - ok
13:40:49.0421 3304	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:40:49.0421 3304	HDAudBus - ok
13:40:49.0453 3304	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:40:49.0453 3304	hidusb - ok
13:40:49.0453 3304	hpn - ok
13:40:49.0484 3304	HPZid412        (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
13:40:49.0484 3304	HPZid412 - ok
13:40:49.0500 3304	HPZipr12        (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
13:40:49.0500 3304	HPZipr12 - ok
13:40:49.0500 3304	HPZius12        (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
13:40:49.0515 3304	HPZius12 - ok
13:40:49.0531 3304	HTTP            (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
13:40:49.0531 3304	HTTP - ok
13:40:49.0531 3304	i2omgmt - ok
13:40:49.0546 3304	i2omp - ok
13:40:49.0562 3304	i8042prt        (177b372af55c4460d0968b5f1d02aa1c) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:40:49.0562 3304	i8042prt - ok
13:40:49.0562 3304	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:40:49.0562 3304	Imapi - ok
13:40:49.0578 3304	ini910u - ok
13:40:49.0703 3304	IntcAzAudAddService (c4006af18682fca0d8a011a0a21070f8) C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:40:49.0718 3304	IntcAzAudAddService - ok
13:40:49.0734 3304	IntelIde - ok
13:40:49.0750 3304	intelppm        (da153edc09de8c4f846c085caa39d1cc) C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:40:49.0750 3304	intelppm - ok
13:40:49.0765 3304	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:40:49.0765 3304	Ip6Fw - ok
13:40:49.0796 3304	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:40:49.0796 3304	IpFilterDriver - ok
13:40:49.0812 3304	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:40:49.0812 3304	IpInIp - ok
13:40:49.0843 3304	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:40:49.0843 3304	IpNat - ok
13:40:49.0859 3304	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:40:49.0859 3304	IPSec - ok
13:40:49.0906 3304	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:40:49.0906 3304	IRENUM - ok
13:40:49.0953 3304	isapnp          (c8eef2e93835b81bd335de2123121283) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:40:49.0953 3304	isapnp - ok
13:40:50.0000 3304	IvtBtBUs        (d53d7ed7d85a18b0cd4626b88b6da52a) C:\WINDOWS\system32\Drivers\IvtBtBus.sys
13:40:50.0000 3304	IvtBtBUs - ok
13:40:50.0031 3304	Jraid           (c1632fe31d1824a43dea29725312e3fa) C:\WINDOWS\system32\DRIVERS\jraid.sys
13:40:50.0031 3304	Jraid - ok
13:40:50.0062 3304	Kbdclass        (2aeca45d4aeaacbdcb77ad11184e4601) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:40:50.0062 3304	Kbdclass - ok
13:40:50.0078 3304	kbdhid          (f718dcddac2544bc693f22977d06f78b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:40:50.0078 3304	kbdhid - ok
13:40:50.0109 3304	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:40:50.0109 3304	kmixer - ok
13:40:50.0125 3304	KSecDD          (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
13:40:50.0125 3304	KSecDD - ok
13:40:50.0125 3304	lbrtfdc - ok
13:40:50.0156 3304	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:40:50.0156 3304	mnmdd - ok
13:40:50.0187 3304	Modem           (4a068db7dc37d5afedb6512d2931d7b3) C:\WINDOWS\system32\drivers\Modem.sys
13:40:50.0187 3304	Modem - ok
13:40:50.0187 3304	Mouclass        (fbed3df6b884f8cf00447b73507f2c48) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:40:50.0187 3304	Mouclass - ok
13:40:50.0218 3304	mouhid          (ecec1e6cd558ab80f944f31326e9d3b5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:40:50.0218 3304	mouhid - ok
13:40:50.0234 3304	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:40:50.0234 3304	MountMgr - ok
13:40:50.0234 3304	mraid35x - ok
13:40:50.0250 3304	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:40:50.0250 3304	MRxDAV - ok
13:40:50.0296 3304	MRxSmb          (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:40:50.0296 3304	MRxSmb - ok
13:40:50.0328 3304	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:40:50.0328 3304	Msfs - ok
13:40:50.0375 3304	MSKSSRV         (85736f804191cb420a31aca2a7f0674f) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:40:50.0375 3304	MSKSSRV - ok
13:40:50.0484 3304	MSPCLOCK        (e943adb93d83c5cbc0ca3f53f53b48cc) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:40:50.0484 3304	MSPCLOCK - ok
13:40:50.0578 3304	MSPQM           (f6a726b8832db1f88326b8be98b11981) C:\WINDOWS\system32\drivers\MSPQM.sys
13:40:50.0578 3304	MSPQM - ok
13:40:50.0625 3304	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:40:50.0625 3304	mssmbios - ok
13:40:50.0625 3304	MSTEE           (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys
13:40:50.0625 3304	MSTEE - ok
13:40:50.0640 3304	Mup             (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
13:40:50.0640 3304	Mup - ok
13:40:50.0656 3304	NABTSFEC        (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:40:50.0656 3304	NABTSFEC - ok
13:40:50.0671 3304	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:40:50.0671 3304	NDIS - ok
13:40:50.0671 3304	NdisIP          (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:40:50.0687 3304	NdisIP - ok
13:40:50.0687 3304	NdisTapi        (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:40:50.0687 3304	NdisTapi - ok
13:40:50.0718 3304	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:40:50.0718 3304	Ndisuio - ok
13:40:50.0734 3304	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:40:50.0734 3304	NdisWan - ok
13:40:50.0750 3304	NDProxy         (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
13:40:50.0750 3304	NDProxy - ok
13:40:50.0750 3304	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:40:50.0750 3304	NetBIOS - ok
13:40:50.0765 3304	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:40:50.0765 3304	NetBT - ok
13:40:50.0796 3304	nod32drv        (b4ea8cba9a69d0921b7bd89c8cf9e032) C:\WINDOWS\system32\drivers\nod32drv.sys
13:40:50.0796 3304	nod32drv - ok
13:40:50.0796 3304	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:40:50.0796 3304	Npfs - ok
13:40:50.0828 3304	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:40:50.0828 3304	Ntfs - ok
13:40:50.0859 3304	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:40:50.0859 3304	Null - ok
13:40:50.0875 3304	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:40:50.0875 3304	NwlnkFlt - ok
13:40:50.0890 3304	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:40:50.0890 3304	NwlnkFwd - ok
13:40:50.0921 3304	oreans32        (b99575d16f887883b821d372ff292c20) C:\WINDOWS\system32\drivers\oreans32.sys
13:40:50.0921 3304	oreans32 - ok
13:40:50.0937 3304	Parport         (2d4cdaebced17743aa9e25d3016dc229) C:\WINDOWS\system32\DRIVERS\parport.sys
13:40:50.0937 3304	Parport - ok
13:40:50.0937 3304	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:40:50.0937 3304	PartMgr - ok
13:40:50.0953 3304	ParVdm          (453ec2c2a20a1382f564541918520eeb) C:\WINDOWS\system32\drivers\ParVdm.sys
13:40:50.0953 3304	ParVdm - ok
13:40:50.0968 3304	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
13:40:50.0968 3304	pccsmcfd - ok
13:40:50.0984 3304	PCI             (6862c69168d787b85a7d95ccd33c694e) C:\WINDOWS\system32\DRIVERS\pci.sys
13:40:50.0984 3304	PCI - ok
13:40:51.0000 3304	PCIDump - ok
13:40:51.0015 3304	PCIIde          (548cf2d6369eae441a4c6baa75bc4f0a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:40:51.0015 3304	PCIIde - ok
13:40:51.0031 3304	Pcmcia          (8db27f1ae9593c94095485305a583862) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:40:51.0031 3304	Pcmcia - ok
13:40:51.0062 3304	PDCOMP - ok
13:40:51.0062 3304	PDFRAME - ok
13:40:51.0062 3304	PDRELI - ok
13:40:51.0078 3304	PDRFRAME - ok
13:40:51.0078 3304	perc2 - ok
13:40:51.0093 3304	perc2hib - ok
13:40:51.0125 3304	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:40:51.0125 3304	PptpMiniport - ok
13:40:51.0140 3304	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:40:51.0140 3304	PSched - ok
13:40:51.0156 3304	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:40:51.0156 3304	Ptilink - ok
13:40:51.0187 3304	PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:40:51.0187 3304	PxHelp20 - ok
13:40:51.0187 3304	ql1080 - ok
13:40:51.0187 3304	Ql10wnt - ok
13:40:51.0203 3304	ql12160 - ok
13:40:51.0203 3304	ql1240 - ok
13:40:51.0218 3304	ql1280 - ok
13:40:51.0218 3304	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:40:51.0218 3304	RasAcd - ok
13:40:51.0234 3304	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:40:51.0234 3304	Rasl2tp - ok
13:40:51.0250 3304	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:40:51.0250 3304	RasPppoe - ok
13:40:51.0250 3304	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:40:51.0250 3304	Raspti - ok
13:40:51.0265 3304	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:40:51.0859 3304	sptd            (614deea4bdcec3fd5a07bdc705723ad7) C:\WINDOWS\System32\Drivers\sptd.sys
13:40:51.0859 3304	Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7
13:40:51.0859 3304	sptd ( LockedFile.Multi.Generic ) - warning
13:40:51.0859 3304	sptd - detected LockedFile.Multi.Generic (1)
13:40:52.0781 3304	MBR (0x1B8)     (32052574bf9f325ae309abc7bfd04460) \Device\Harddisk0\DR0
13:40:52.0890 3304	\Device\Harddisk0\DR0 - ok
13:40:52.0890 3304	Boot (0x1200)   (3e2996bde825a6a59c27a8870f3923bc) \Device\Harddisk0\DR0\Partition0
13:40:52.0890 3304	\Device\Harddisk0\DR0\Partition0 - ok
13:40:52.0906 3304	Boot (0x1200)   (d4e3ead47e6921efa5d96fbf5d8dc698) \Device\Harddisk0\DR0\Partition1
13:40:52.0906 3304	\Device\Harddisk0\DR0\Partition1 - ok
13:40:52.0921 3304	Boot (0x1200)   (5b8702cb723a1dbe3ae53b62215da622) \Device\Harddisk0\DR0\Partition2
13:40:52.0921 3304	\Device\Harddisk0\DR0\Partition2 - ok
13:40:52.0921 3304	============================================================
13:40:52.0921 3304	Scan finished
13:40:52.0921 3304	============================================================
13:40:52.0937 3120	Detected object count: 1
13:40:52.0937 3120	Actual detected object count: 1
13:40:56.0718 3120	sptd ( LockedFile.Multi.Generic ) - skipped by user
13:40:56.0718 3120	sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
13:41:26.0937 3748	Deinitialize success

MBRCheck:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Windows XP Professional
Windows Information:		Dodatek Service Pack 3 (build 2600)
Logical Drives Mask:		0x0001007d

Kernel Drivers (total 143):

Processes (total 46):
       0 System Idle Process
       4 System
     892 C:\WINDOWS\system32\smss.exe
     944 csrss.exe
     980 C:\WINDOWS\system32\winlogon.exe
    1024 C:\WINDOWS\system32\services.exe
    1036 C:\WINDOWS\system32\lsass.exe
    1196 C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    1348 C:\WINDOWS\system32\ati2evxx.exe
    1368 C:\WINDOWS\system32\svchost.exe
    1460 svchost.exe
    1640 C:\WINDOWS\system32\svchost.exe
    1676 C:\WINDOWS\system32\svchost.exe
    1740 C:\WINDOWS\system32\ati2evxx.exe
    1864 svchost.exe
    1948 svchost.exe
     172 C:\WINDOWS\system32\spoolsv.exe
    1164 C:\WINDOWS\explorer.exe
    1600 C:\WINDOWS\RTHDCPL.exe
    1768 C:\WINDOWS\VM303_STI.EXE
    1784 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    1904 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    1920 C:\Program Files\ESET\ESET Smart Security\egui.exe
    2044 C:\WINDOWS\system32\ctfmon.exe
     220 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
     340 C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
     496 C:\Program Files\NetMeter\NetMeter.exe
     504 C:\Documents and Settings\arek\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe
     548 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    2160 C:\WINDOWS\system32\svchost.exe
    2252 C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    2288 C:\Program Files\Java\jre6\bin\jqs.exe
    2328 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    2480 C:\WINDOWS\system32\IoctlSvc.exe
    2492 C:\WINDOWS\system32\HPZipm12.exe
    2728 C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
    2768 C:\Program Files\Spyware Terminator\sp_rsser.exe
    2800 C:\WINDOWS\system32\svchost.exe
    2868 C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
    3296 C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
     812 C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    2308 C:\WINDOWS\system32\wbem\wmiapsrv.exe
    2944 alg.exe
    2356 C:\Program Files\Mozilla Firefox\firefox.exe
    2264 C:\Program Files\Mozilla Firefox\plugin-container.exe
    2184 C:\Documents and Settings\arek\Pulpit\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000004`e22cec00  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000014`c082a800  (NTFS)
\\.\Q: -->  error 5

PhysicalDrive0 Model Number: SAMSUNGHD161HJ, Rev: JF100-19

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0   Windows XP MBR code detected
            SHA1: 858845D53EA37CAD905BAB010542C912FBC33C8C


Done!

  • 0

#10 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 15:33

Neither TDSSKiller nor MBRCheck detected a rootkit ("sptd.sys" is the Daemon Tools driver).

So your problem is not caused by an infection.

.
  • 0

#11 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 15:36

In Netlimiter I can see a connection, or rather a whole series of them, to the Internet; when I throttle them, the ping drops to a proper level.
Details of this connection:
Path: c:\documents and settings\arek\ustawienia lokalne\dane aplikacji\akamai\netsession_win.exe
Description: Akamai NetSession Client
Company: Akamai Technologies, Inc

  • 0

#12 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 16:11

But you installed that yourself; it is not an infection.
By the way: you didn't have to install it, but you nevertheless agreed to have this resource hog installed alongside. That's your choice, it's none of my business.

.

  • 0

#13 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 16:12

So can it be uninstalled/thrown out? Since it is taking up my bandwidth, I don't need it.
  • 0

#14 ordynat

ordynat

    Advanced user

  • 804 posts

Posted 20 11 2011 - 16:18

So can it be uninstalled/thrown out? Since it is taking up my bandwidth, I don't need it.

I don't even know whether it can be uninstalled. The best thing, when installing various programs, is to pay attention to whether they happen to offer to install an unneeded program along with the one you actually need.
It's the old rule: buy the ham, sir, and you get a brick for free (even though you have no use for the brick).

.
  • 0

#15 arekjezior

arekjezior

    Beginner

  • 14 posts

Posted 20 11 2011 - 16:28

I removed that program; there is no problem with the ping and zero rogue connections - the program was connecting to NFS World. This is the second time you have helped me with a problem. Thank you very much :)

  • 0



