Logs - Removing unneeded junk


  • Closed: this topic is closed
3 replies in this topic

#1 arekjezior

    Beginner

  • 14 posts

Posted 02 06 2010 - 19:59

Here is the log from OTL.


#2 ordynat

    Advanced user

  • 804 posts

Posted 02 06 2010 - 20:23

No infection is visible here.
Cosmetic cleanup:
Run OTL and paste this into the Custom Scans/Fixes box:

:OTL
O4 - HKCU..\Run: [fsm] File not found

:Commands
[emptytemp]

Click Run Fix.

#3 arekjezior

    Beginner

  • 14 posts

Posted 02 06 2010 - 20:30

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: arek
->Temp folder emptied: 75408349 bytes
->Temporary Internet Files folder emptied: 7522827 bytes
->Java cache emptied: 200999 bytes
->FireFox cache emptied: 93430815 bytes
->Flash cache emptied: 4421 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 1763429 bytes

Total Files Cleaned = 170,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 06022010_202816

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Thanks a lot, I thought it was that snnas again, because NOD was acting up over that file. Thanks once more.

#4 ordynat

    Advanced user

  • 804 posts

Posted 02 06 2010 - 21:18

It should be OK.
