Logs, securing your computer and data. Antivirus, antispyware, firewall programs, etc.

Forum rules

1. Every topic title should reflect the content of the thread.
2. When posting logs, generate them right away with at least two tools: FRST and GMER.
3. Please publish all logs on sites intended for that purpose and paste only the link in your post.
4. Do not shorten logs; paste the whole log, from beginning to end.
5. Do not tack your problem onto other users' threads. Please start a new topic in the Security section, which makes it easier for the person checking to help.
6. People without adequate knowledge should not review logs, because this risks serious damage to the system or to applications installed on the computer.
7. Describe the problem precisely, along with the symptoms and any actions already taken.
8. Every script is unique, written individually for each case, so it must not be used by others.
9. When posting a screenshot, please use an external image-hosting service.

Please check my OTL logs

09 Feb 2010, 14:14

http://www.wklej.eu/index.php?id=19a3228e80

Re: Please check my OTL logs

09 Feb 2010, 18:06

Run OTL -> in the Custom Scans/Fixes window paste:
:OTL
MOD - [2010-02-09 12:52:46 | 000,085,504 | RHS- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\cvasds0.dll
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll File not found
O4 - HKU\S-1-5-21-1757981266-1979792683-682003330-1004..\Run: [cdoosoft] D:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\herss.exe ()
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - C:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:12 | 000,000,051 | RHS- | M] () - F:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - I:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010-02-09 13:12:14 | 000,000,051 | RHS- | M] () - J:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\Shell\AutoRun\command - "" = 2o1ajagt.exe
O33 - MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\Shell\open\Command - "" = 2o1ajagt.exe
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\AutoRun\command - "" = L:\sywyrl0q.exe -- File not found
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\open\Command - "" = L:\sywyrl0q.exe -- File not found
O33 - MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\Shell\AutoRun\command - "" = L:\f.bat -- File not found
O33 - MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\Shell\open\Command - "" = L:\f.bat -- File not found
O33 - MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\Shell\AutoRun\command - "" = L:\ws.exe -- File not found
O33 - MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\Shell\open\Command - "" = L:\ws.exe -- File not found

:Files
D:\FOUND.000
D:\ws.exe
C:\ws.exe
E:\ws.exe
F:\ws.exe
G:\ws.exe
H:\ws.exe
I:\ws.exe
J:\ws.exe
D:\bveijo.exe
C:\bveijo.exe
E:\bveijo.exe
F:\bveijo.exe
G:\bveijo.exe
H:\bveijo.exe
I:\bveijo.exe
J:\bveijo.exe
C:\9d6tpg.exe
D:\9d6tpg.exe
E:\9d6tpg.exe
F:\9d6tpg.exe
G:\9d6tpg.exe
H:\9d6tpg.exe
I:\9d6tpg.exe
J:\9d6tpg.exe
C:\1hqup.exe
D:\1hqup.exe
E:\1hqup.exe
F:\1hqup.exe
G:\1hqup.exe
H:\1hqup.exe
I:\1hqup.exe
J:\1hqup.exe
C:\mvmdh.exe
D:\mvmdh.exe
E:\mvmdh.exe
F:\mvmdh.exe
G:\mvmdh.exe
H:\mvmdh.exe
I:\mvmdh.exe
J:\mvmdh.exe
C:\0fpdq2dw.exe
D:\0fpdq2dw.exe
E:\0fpdq2dw.exe
F:\0fpdq2dw.exe
G:\0fpdq2dw.exe
H:\0fpdq2dw.exe
I:\0fpdq2dw.exe
J:\0fpdq2dw.exe
C:\df.exe
D:\df.exe
E:\df.exe
F:\df.exe
G:\df.exe
H:\df.exe
I:\df.exe
J:\df.exe
C:\c2e.exe
D:\c2e.exe
E:\c2e.exe
F:\c2e.exe
G:\c2e.exe
H:\c2e.exe
I:\c2e.exe
J:\c2e.exe
C:\qkm.exe
D:\qkm.exe
E:\qkm.exe
F:\qkm.exe
G:\qkm.exe
H:\qkm.exe
I:\qkm.exe
J:\qkm.exe
C:\9fo3ar0j.exe
D:\9fo3ar0j.exe
E:\9fo3ar0j.exe
F:\9fo3ar0j.exe
G:\9fo3ar0j.exe
H:\9fo3ar0j.exe
I:\9fo3ar0j.exe
J:\9fo3ar0j.exe
C:\sywyrl0q.exe
D:\sywyrl0q.exe
E:\sywyrl0q.exe
F:\sywyrl0q.exe
G:\sywyrl0q.exe
H:\sywyrl0q.exe
I:\sywyrl0q.exe
J:\sywyrl0q.exe
C:\9xf8.exe
D:\9xf8.exe
E:\9xf8.exe
F:\9xf8.exe
G:\9xf8.exe
H:\9xf8.exe
I:\9xf8.exe
J:\9xf8.exe
C:\f.bat
D:\f.bat
E:\f.bat
F:\f.bat
G:\f.bat
H:\f.bat
I:\f.bat
J:\f.bat

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"SuperHidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"ShowSuperHidden"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000001
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]
@=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"RemoteControl"=-
"SoundMan"=-
"WinampAgent"=-

:Commands
[emptytemp]

Click Run Fix. Post the removal log plus a new OTL log.

Disinfect your removable drives with Flash Disinfector, or format them.

Re: Please check my OTL logs

09 Feb 2010, 19:47

I can't get onto www.wklej.eu, so I'm pasting it here:

Removal LOG:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1757981266-1979792683-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully.
D:\Documents and Settings\Przemek\Ustawienia lokalne\Temp\herss.exe moved successfully.
C:\autorun.inf moved successfully.
D:\autorun.inf moved successfully.
E:\autorun.inf moved successfully.
F:\autorun.inf moved successfully.
G:\autorun.inf moved successfully.
H:\autorun.inf moved successfully.
I:\autorun.inf moved successfully.
J:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b7344fe-0b6f-11df-9681-00120e49520f}\ not found.
File 2o1ajagt.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7344fe-0b6f-11df-9681-00120e49520f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1b7344fe-0b6f-11df-9681-00120e49520f}\ not found.
File 2o1ajagt.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c017c36-029e-11df-965e-00148588ab5e}\ not found.
File L:\sywyrl0q.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5c017c36-029e-11df-965e-00148588ab5e}\ not found.
File L:\sywyrl0q.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667bcee4-0426-11df-9664-00148588ab5e}\ not found.
File L:\f.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{667bcee4-0426-11df-9664-00148588ab5e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{667bcee4-0426-11df-9664-00148588ab5e}\ not found.
File L:\f.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd580ba2-13e4-11df-969d-00120e49520f}\ not found.
File L:\ws.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd580ba2-13e4-11df-969d-00120e49520f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fd580ba2-13e4-11df-969d-00120e49520f}\ not found.
File L:\ws.exe not found.
========== FILES ==========
D:\FOUND.000 folder moved successfully.
D:\ws.exe moved successfully.
C:\ws.exe moved successfully.
E:\ws.exe moved successfully.
F:\ws.exe moved successfully.
G:\ws.exe moved successfully.
H:\ws.exe moved successfully.
I:\ws.exe moved successfully.
J:\ws.exe moved successfully.
D:\bveijo.exe moved successfully.
C:\bveijo.exe moved successfully.
E:\bveijo.exe moved successfully.
F:\bveijo.exe moved successfully.
G:\bveijo.exe moved successfully.
H:\bveijo.exe moved successfully.
I:\bveijo.exe moved successfully.
J:\bveijo.exe moved successfully.
C:\9d6tpg.exe moved successfully.
D:\9d6tpg.exe moved successfully.
E:\9d6tpg.exe moved successfully.
F:\9d6tpg.exe moved successfully.
G:\9d6tpg.exe moved successfully.
H:\9d6tpg.exe moved successfully.
I:\9d6tpg.exe moved successfully.
J:\9d6tpg.exe moved successfully.
C:\1hqup.exe moved successfully.
File\Folder D:\1hqup.exe not found.
E:\1hqup.exe moved successfully.
F:\1hqup.exe moved successfully.
G:\1hqup.exe moved successfully.
H:\1hqup.exe moved successfully.
I:\1hqup.exe moved successfully.
J:\1hqup.exe moved successfully.
C:\mvmdh.exe moved successfully.
D:\mvmdh.exe moved successfully.
E:\mvmdh.exe moved successfully.
F:\mvmdh.exe moved successfully.
G:\mvmdh.exe moved successfully.
H:\mvmdh.exe moved successfully.
I:\mvmdh.exe moved successfully.
J:\mvmdh.exe moved successfully.
C:\0fpdq2dw.exe moved successfully.
D:\0fpdq2dw.exe moved successfully.
E:\0fpdq2dw.exe moved successfully.
F:\0fpdq2dw.exe moved successfully.
G:\0fpdq2dw.exe moved successfully.
H:\0fpdq2dw.exe moved successfully.
I:\0fpdq2dw.exe moved successfully.
J:\0fpdq2dw.exe moved successfully.
C:\df.exe moved successfully.
D:\df.exe moved successfully.
E:\df.exe moved successfully.
F:\df.exe moved successfully.
G:\df.exe moved successfully.
H:\df.exe moved successfully.
I:\df.exe moved successfully.
J:\df.exe moved successfully.
C:\c2e.exe moved successfully.
D:\c2e.exe moved successfully.
E:\c2e.exe moved successfully.
F:\c2e.exe moved successfully.
G:\c2e.exe moved successfully.
H:\c2e.exe moved successfully.
I:\c2e.exe moved successfully.
J:\c2e.exe moved successfully.
C:\qkm.exe moved successfully.
D:\qkm.exe moved successfully.
E:\qkm.exe moved successfully.
F:\qkm.exe moved successfully.
G:\qkm.exe moved successfully.
H:\qkm.exe moved successfully.
I:\qkm.exe moved successfully.
J:\qkm.exe moved successfully.
C:\9fo3ar0j.exe moved successfully.
D:\9fo3ar0j.exe moved successfully.
E:\9fo3ar0j.exe moved successfully.
F:\9fo3ar0j.exe moved successfully.
G:\9fo3ar0j.exe moved successfully.
H:\9fo3ar0j.exe moved successfully.
I:\9fo3ar0j.exe moved successfully.
J:\9fo3ar0j.exe moved successfully.
C:\sywyrl0q.exe moved successfully.
D:\sywyrl0q.exe moved successfully.
E:\sywyrl0q.exe moved successfully.
F:\sywyrl0q.exe moved successfully.
G:\sywyrl0q.exe moved successfully.
H:\sywyrl0q.exe moved successfully.
I:\sywyrl0q.exe moved successfully.
J:\sywyrl0q.exe moved successfully.
C:\9xf8.exe moved successfully.
D:\9xf8.exe moved successfully.
E:\9xf8.exe moved successfully.
F:\9xf8.exe moved successfully.
G:\9xf8.exe moved successfully.
H:\9xf8.exe moved successfully.
I:\9xf8.exe moved successfully.
J:\9xf8.exe moved successfully.
C:\f.bat moved successfully.
D:\f.bat moved successfully.
E:\f.bat moved successfully.
F:\f.bat moved successfully.
G:\f.bat moved successfully.
H:\f.bat moved successfully.
I:\f.bat moved successfully.
J:\f.bat moved successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"SuperHidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"Hidden"|dword:00000001 /E : value set successfully!
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"ShowSuperHidden"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\Hidden\SHOWALL\\"CheckedValue"|dword:00000001 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden\\@|"" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SoundMan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Przemek
->Temp folder emptied: 13909470 bytes
->Temporary Internet Files folder emptied: 124498 bytes
->FireFox cache emptied: 30074040 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2129157 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 315462 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 44,00 mb


OTL by OldTimer - Version 3.1.28.0 log created on 02092010_183136

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



NEW OTL LOG

OTL logfile created on: 2010-02-09 18:34:02 - Run 3
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 526,00 Mb Available Physical Memory | 69,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): D:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 18,62 Gb Total Space | 10,67 Gb Free Space | 57,32% Space Free | Partition Type: FAT32
Drive D: | 18,60 Gb Total Space | 13,55 Gb Free Space | 72,85% Space Free | Partition Type: FAT32
Drive E: | 18,62 Gb Total Space | 17,16 Gb Free Space | 92,13% Space Free | Partition Type: FAT32
Drive F: | 18,62 Gb Total Space | 18,61 Gb Free Space | 99,91% Space Free | Partition Type: FAT32
Drive G: | 18,63 Gb Total Space | 0,41 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive H: | 18,44 Gb Total Space | 2,84 Gb Free Space | 15,43% Space Free | Partition Type: FAT32
Drive I: | 18,44 Gb Total Space | 5,71 Gb Free Space | 30,99% Space Free | Partition Type: FAT32
Drive J: | 18,99 Gb Total Space | 7,10 Gb Free Space | 37,37% Space Free | Partition Type: FAT32

Computer Name: 294E10E81B86438
Current User Name: Przemek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
PRC - [2009-12-22 18:49:58 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2006-03-02 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006-03-02 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2005-12-14 15:22:02 | 005,856,256 | ---- | M] () -- D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe
PRC - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005-12-02 14:28:54 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2005-10-11 18:57:16 | 004,780,118 | ---- | M] (Ahead Software AG) -- D:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
PRC - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) -- D:\WINDOWS\system32\ati2evxx.exe
PRC - [2001-09-12 19:20:02 | 000,196,608 | ---- | M] (HP) -- D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


========== Modules (SafeList) ==========

MOD - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
MOD - [2006-08-25 16:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- D:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)


========== Driver Services (SafeList) ==========

DRV - [2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006-06-01 23:11:08 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006-03-02 12:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006-03-02 12:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-12-02 15:05:54 | 000,083,968 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2005-12-02 15:04:36 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2005-12-02 15:03:28 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2005-12-02 15:01:32 | 000,021,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-10-20 12:05:00 | 000,282,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rtl8185.sys -- (rtl8185)
DRV - [2005-08-03 16:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-07-01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-10-02 09:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2006-12-28 09:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2006-12-28 09:53:54 | 000,000,000 | ---D | M]

[2010-01-15 11:21:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Extensions
[2006-12-28 09:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\esbemnus.default\extensions
[2006-12-28 09:53:54 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk = D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-01-03 20:53:02 | 000,000,133 | ---- | M] () - C:\Autoexec.bat -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-09 18:31:36 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-02-09 12:17:52 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Przemek\Recent
[2010-02-09 11:34:00 | 000,036,176 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2010-02-09 11:34:00 | 000,016,352 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2010-02-09 11:33:59 | 000,021,840 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys
[2010-02-09 11:33:58 | 000,085,760 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon.sys
[2010-02-09 11:33:58 | 000,083,968 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys
[2010-02-09 11:33:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MFC71.dll
[2010-02-09 11:33:54 | 000,499,712 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCP71.dll
[2010-02-09 11:33:54 | 000,348,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCR71.dll
[2010-02-09 11:33:54 | 000,090,112 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\AVASTSS.scr
[2010-02-09 11:33:53 | 000,000,000 | ---D | C] -- D:\Program Files\Alwil Software
[2010-02-02 15:31:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\GTA Vice City User Files
[2010-02-02 15:24:15 | 000,000,000 | ---D | C] -- D:\Program Files\GTA Vice City
[2010-02-01 19:07:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Nowy folder
[2010-01-21 13:04:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbprint.sys
[2010-01-21 13:04:33 | 000,031,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbccgp.sys
[2010-01-20 13:04:41 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2010-01-16 13:54:59 | 000,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbstor.sys
[2010-01-15 21:05:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\cache
[2010-01-15 21:02:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-15 21:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\OpenFM
[2010-01-15 21:02:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Gadu-Gadu 10
[2010-01-15 19:17:01 | 000,000,000 | ---D | C] -- D:\Program Files\TopCD
[2010-01-15 14:28:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\AdCache
[2010-01-15 14:28:10 | 000,000,000 | ---D | C] -- D:\Program Files\FlashGet
[2010-01-15 11:39:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
[2010-01-15 11:30:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\My Games
[2010-01-15 11:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Macromedia
[2010-01-15 10:46:26 | 000,021,035 | ---- | C] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:11 | 000,282,240 | ---- | C] (Realtek Semiconductor Corporation ) -- D:\WINDOWS\System32\drivers\rtl8185.sys
[2010-01-15 10:46:11 | 000,013,532 | ---- | C] (Windows (R) 2000 DDK provider) -- D:\WINDOWS\System32\drivers\SjyPkt.sys
[2010-01-15 10:46:09 | 000,000,000 | ---D | C] -- D:\Program Files\Nonbrand
[2006-12-28 09:51:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:51:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

========== Files - Modified Within 30 Days ==========

[2010-02-09 18:32:40 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-02-09 18:32:38 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-02-09 18:31:56 | 003,407,872 | -H-- | M] () -- D:\Documents and Settings\Przemek\NTUSER.DAT
[2010-02-09 18:31:52 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\Przemek\ntuser.ini
[2010-02-09 18:28:52 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010-02-09 17:22:32 | 000,091,136 | RHS- | M] () -- D:\9qqigqwf.exe
[2010-02-09 15:43:58 | 004,270,352 | -H-- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-09 13:17:44 | 000,013,824 | ---- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-09 12:52:26 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-09 12:01:38 | 000,000,133 | ---- | M] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:02 | 000,001,623 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:34:00 | 000,002,645 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-02-08 18:47:10 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-02-07 16:23:34 | 000,001,065 | ---- | M] () -- D:\WINDOWS\winamp.ini
[2010-02-06 18:48:22 | 000,000,030 | ---- | M] () -- D:\WINDOWS\TextSpy.ini
[2010-02-01 19:01:18 | 000,000,567 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 17:04:34 | 003,926,801 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:06:08 | 000,027,708 | ---- | M] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:44 | 000,001,462 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-19 15:16:04 | 000,000,498 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:10 | 000,001,703 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk

========== Files Created - No Company Name ==========

[2010-02-09 17:22:57 | 000,091,136 | RHS- | C] () -- D:\9qqigqwf.exe
[2010-02-09 12:01:36 | 000,000,133 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:00 | 000,001,623 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:33:54 | 000,478,208 | ---- | C] () -- D:\WINDOWS\System32\aswBoot.exe
[2010-02-09 11:33:54 | 000,380,928 | ---- | C] () -- D:\WINDOWS\System32\actskin4.ocx
[2010-02-01 19:01:17 | 000,000,567 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 16:56:22 | 003,926,801 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:05:34 | 000,027,708 | ---- | C] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:42 | 000,001,462 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-15 10:46:09 | 000,001,703 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk
[2006-12-28 14:02:13 | 000,001,065 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2006-12-28 14:02:12 | 000,088,064 | ---- | C] () -- D:\WINDOWS\System32\AudioExCtl.dll
[2006-12-28 13:44:59 | 000,765,952 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2006-12-28 13:44:59 | 000,180,224 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2006-12-28 13:22:55 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2006-12-28 13:22:54 | 000,013,824 | ---- | C] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-12-28 12:46:22 | 000,000,030 | ---- | C] () -- D:\WINDOWS\TextSpy.ini
[2006-12-28 12:29:02 | 000,000,164 | ---- | C] () -- D:\WINDOWS\avrack.ini
[2006-12-28 12:28:58 | 000,156,672 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2006-12-28 09:28:49 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2006-12-28 09:26:40 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2006-06-01 23:10:25 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2006-06-01 23:06:32 | 000,012,288 | ---- | C] () -- D:\WINDOWS\System32\DivXWMPExtType.dll
< End of report >

Re: Please check the OTL logs

09 Feb 2010, 19:48

I also have 2 suspicious files on my drives, namely 9qqigqwf.exe and Ic.exe

Re: Please check the OTL logs

09 Feb 2010, 20:23

Run OTL -> in the Custom Scans/Fixes box, paste:
:OTL

:Files
C:\9qqigqwf.exe
D:\9qqigqwf.exe
E:\9qqigqwf.exe
F:\9qqigqwf.exe
G:\9qqigqwf.exe
H:\9qqigqwf.exe
I:\9qqigqwf.exe
J:\9qqigqwf.exe
C:\Ic.exe
D:\Ic.exe
E:\Ic.exe
F:\Ic.exe
G:\Ic.exe
H:\Ic.exe
I:\Ic.exe
J:\Ic.exe

Click Run Fix. Post the removal log plus a new OTL log.

Re: Please check the OTL logs

09 Feb 2010, 21:41

REMOVAL LOG

========== OTL ==========
========== FILES ==========
C:\9qqigqwf.exe moved successfully.
D:\9qqigqwf.exe moved successfully.
E:\9qqigqwf.exe moved successfully.
F:\9qqigqwf.exe moved successfully.
G:\9qqigqwf.exe moved successfully.
H:\9qqigqwf.exe moved successfully.
I:\9qqigqwf.exe moved successfully.
J:\9qqigqwf.exe moved successfully.
File\Folder C:\Ic.exe not found.
File\Folder D:\Ic.exe not found.
File\Folder E:\Ic.exe not found.
File\Folder F:\Ic.exe not found.
File\Folder G:\Ic.exe not found.
File\Folder H:\Ic.exe not found.
File\Folder I:\Ic.exe not found.
File\Folder J:\Ic.exe not found.

OTL by OldTimer - Version 3.1.28.0 log created on 02092010_203605


NEW OTL LOG

OTL logfile created on: 2010-02-09 20:37:38 - Run 4
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

767,00 Mb Total Physical Memory | 492,00 Mb Available Physical Memory | 64,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): D:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 18,62 Gb Total Space | 10,67 Gb Free Space | 57,32% Space Free | Partition Type: FAT32
Drive D: | 18,60 Gb Total Space | 13,54 Gb Free Space | 72,76% Space Free | Partition Type: FAT32
Drive E: | 18,62 Gb Total Space | 17,16 Gb Free Space | 92,13% Space Free | Partition Type: FAT32
Drive F: | 18,62 Gb Total Space | 18,60 Gb Free Space | 99,91% Space Free | Partition Type: FAT32
Drive G: | 18,63 Gb Total Space | 0,41 Gb Free Space | 2,20% Space Free | Partition Type: FAT32
Drive H: | 18,44 Gb Total Space | 2,84 Gb Free Space | 15,43% Space Free | Partition Type: FAT32
Drive I: | 18,44 Gb Total Space | 5,71 Gb Free Space | 30,99% Space Free | Partition Type: FAT32
Drive J: | 18,99 Gb Total Space | 7,10 Gb Free Space | 37,37% Space Free | Partition Type: FAT32

Computer Name: 294E10E81B86438
Current User Name: Przemek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
PRC - [2009-12-22 18:49:58 | 000,908,248 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2006-03-02 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
PRC - [2006-03-02 12:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\system32\wscntfy.exe
PRC - [2005-12-14 15:22:02 | 005,856,256 | ---- | M] () -- D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe
PRC - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2005-12-02 14:28:54 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () -- D:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) -- D:\WINDOWS\system32\ati2evxx.exe
PRC - [2001-09-12 19:20:02 | 000,196,608 | ---- | M] (HP) -- D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe


========== Modules (SafeList) ==========

MOD - [2010-02-09 12:22:06 | 000,549,376 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie\OTL(2).exe
MOD - [2006-08-25 16:51:14 | 001,054,208 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2005-12-02 14:52:56 | 000,053,248 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2005-12-02 14:28:50 | 000,098,352 | ---- | M] () [Auto | Running] -- D:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2005-12-02 14:28:36 | 000,241,712 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2005-12-02 14:28:28 | 000,360,496 | ---- | M] (ALWIL Software) [On_Demand | Running] -- D:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2005-08-03 16:02:58 | 000,380,928 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- D:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)


========== Driver Services (SafeList) ==========

DRV - [2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2006-06-01 23:11:08 | 000,020,640 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- D:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006-03-02 12:00:00 | 000,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006-03-02 12:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-12-02 15:05:54 | 000,083,968 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2005-12-02 15:04:36 | 000,016,352 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2005-12-02 15:03:28 | 000,036,176 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2005-12-02 15:01:32 | 000,021,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2005-10-20 12:05:00 | 000,282,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\rtl8185.sys -- (rtl8185)
DRV - [2005-08-03 16:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004-12-02 09:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-08-03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2003-07-01 21:42:00 | 000,027,904 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002-10-02 09:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2006-12-28 09:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2006-12-28 09:53:54 | 000,000,000 | ---D | M]

[2010-01-15 11:21:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Extensions
[2006-12-28 09:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Przemek\Dane aplikacji\Mozilla\Firefox\Profiles\esbemnus.default\extensions
[2006-12-28 09:53:54 | 000,000,000 | ---D | M] -- D:\Program Files\Mozilla Firefox\extensions
[2009-12-22 04:48:34 | 000,002,767 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2009-12-22 04:48:34 | 000,001,406 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2009-12-22 04:48:34 | 000,000,917 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2009-12-22 04:48:34 | 000,000,858 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2009-12-22 04:48:34 | 000,001,183 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2009-12-22 04:48:34 | 000,001,683 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 12:00:00 | 000,000,742 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O4 - HKLM..\Run: [avast!] D:\Program Files\Alwil Software\Avast4\ashDisp.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - Startup: D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk = D:\Program Files\Nonbrand\802.11g Wireless LAN PCI Card Driver and Utility\RtWLan.exe ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O8 - Extra context menu item: Download All by FlashGet - D:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download using FlashGet - D:\Program Files\FlashGet\jc_link.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-01-03 20:53:02 | 000,000,133 | ---- | M] () - C:\Autoexec.bat -- [ FAT32 ]
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\AutoRun\command - "" = L:\9fo3ar0j.exe -- File not found
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\open\Command - "" = L:\9fo3ar0j.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-09 18:52:29 | 000,000,000 | RH-D | C] -- D:\Documents and Settings\Przemek\Recent
[2010-02-09 18:31:36 | 000,000,000 | ---D | C] -- D:\_OTL
[2010-02-09 11:34:00 | 000,036,176 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2010-02-09 11:34:00 | 000,016,352 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2010-02-09 11:33:59 | 000,021,840 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aavmker4.sys
[2010-02-09 11:33:58 | 000,085,760 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon.sys
[2010-02-09 11:33:58 | 000,083,968 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\drivers\aswmon2.sys
[2010-02-09 11:33:54 | 001,060,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MFC71.dll
[2010-02-09 11:33:54 | 000,499,712 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCP71.dll
[2010-02-09 11:33:54 | 000,348,160 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MSVCR71.dll
[2010-02-09 11:33:54 | 000,090,112 | ---- | C] (ALWIL Software) -- D:\WINDOWS\System32\AVASTSS.scr
[2010-02-09 11:33:53 | 000,000,000 | ---D | C] -- D:\Program Files\Alwil Software
[2010-02-02 15:31:55 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\GTA Vice City User Files
[2010-02-02 15:24:15 | 000,000,000 | ---D | C] -- D:\Program Files\GTA Vice City
[2010-02-01 19:07:37 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\Nowy folder
[2010-01-21 13:04:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbprint.sys
[2010-01-21 13:04:33 | 000,031,616 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbccgp.sys
[2010-01-20 13:04:41 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2010-01-16 13:54:59 | 000,026,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\usbstor.sys
[2010-01-15 21:05:27 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\cache
[2010-01-15 21:02:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2010-01-15 21:02:57 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\OpenFM
[2010-01-15 21:02:35 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Gadu-Gadu 10
[2010-01-15 19:17:01 | 000,000,000 | ---D | C] -- D:\Program Files\TopCD
[2010-01-15 14:28:18 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\AdCache
[2010-01-15 14:28:10 | 000,000,000 | ---D | C] -- D:\Program Files\FlashGet
[2010-01-15 11:39:07 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\Pobieranie
[2010-01-15 11:30:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Moje dokumenty\My Games
[2010-01-15 11:05:01 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Przemek\Dane aplikacji\Macromedia
[2010-01-15 10:46:26 | 000,021,035 | ---- | C] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:11 | 000,282,240 | ---- | C] (Realtek Semiconductor Corporation ) -- D:\WINDOWS\System32\drivers\rtl8185.sys
[2010-01-15 10:46:11 | 000,013,532 | ---- | C] (Windows (R) 2000 DDK provider) -- D:\WINDOWS\System32\drivers\SjyPkt.sys
[2010-01-15 10:46:09 | 000,000,000 | ---D | C] -- D:\Program Files\Nonbrand
[2006-12-28 09:51:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:51:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2006-12-28 09:39:34 | 000,000,000 | --SD | M] -- D:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

========== Files - Modified Within 30 Days ==========

[2010-02-09 20:34:58 | 000,000,006 | -H-- | M] () -- D:\WINDOWS\tasks\SA.DAT
[2010-02-09 20:34:56 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2010-02-09 19:16:44 | 003,407,872 | -H-- | M] () -- D:\Documents and Settings\Przemek\NTUSER.DAT
[2010-02-09 19:16:44 | 000,000,188 | -HS- | M] () -- D:\Documents and Settings\Przemek\ntuser.ini
[2010-02-09 18:58:14 | 004,798,580 | -H-- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-02-09 18:28:52 | 000,000,069 | ---- | M] () -- D:\WINDOWS\NeroDigital.ini
[2010-02-09 13:17:44 | 000,013,824 | ---- | M] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-02-09 12:52:26 | 000,096,664 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-09 12:01:38 | 000,000,133 | ---- | M] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:02 | 000,001,623 | ---- | M] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:34:00 | 000,002,645 | ---- | M] () -- D:\WINDOWS\System32\CONFIG.NT
[2010-02-08 18:47:10 | 000,013,646 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2010-02-07 16:23:34 | 000,001,065 | ---- | M] () -- D:\WINDOWS\winamp.ini
[2010-02-06 18:48:22 | 000,000,030 | ---- | M] () -- D:\WINDOWS\TextSpy.ini
[2010-02-01 19:01:18 | 000,000,567 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 17:04:34 | 003,926,801 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:06:08 | 000,027,708 | ---- | M] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:44 | 000,001,462 | ---- | M] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-19 15:16:04 | 000,000,498 | ---- | M] () -- D:\WINDOWS\win.ini
[2010-01-15 10:46:28 | 000,021,035 | ---- | M] (Meetinghouse Data Communications) -- D:\WINDOWS\System32\drivers\AegisP.sys
[2010-01-15 10:46:10 | 000,001,703 | ---- | M] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk

========== Files Created - No Company Name ==========

[2010-02-09 12:01:36 | 000,000,133 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2010-02-09 11:34:00 | 000,001,623 | ---- | C] () -- D:\Documents and Settings\All Users\Pulpit\avast! Antivirus.lnk
[2010-02-09 11:33:54 | 000,478,208 | ---- | C] () -- D:\WINDOWS\System32\aswBoot.exe
[2010-02-09 11:33:54 | 000,380,928 | ---- | C] () -- D:\WINDOWS\System32\actskin4.ocx
[2010-02-01 19:01:17 | 000,000,567 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\Gadu-Gadu.lnk
[2010-01-27 16:56:22 | 003,926,801 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\sebi& dj mysz. cipul.mp3
[2010-01-20 13:05:34 | 000,027,708 | ---- | C] () -- D:\Documents and Settings\Przemek\Moje dokumenty\cc_20100120_130532.reg
[2010-01-20 13:04:42 | 000,001,462 | ---- | C] () -- D:\Documents and Settings\Przemek\Pulpit\CCleaner.lnk
[2010-01-15 10:46:09 | 000,001,703 | ---- | C] () -- D:\Documents and Settings\All Users\Menu Start\Programy\Autostart\802.11g Wireless LAN PCI Card Utility.lnk
[2006-12-28 14:02:13 | 000,001,065 | ---- | C] () -- D:\WINDOWS\winamp.ini
[2006-12-28 14:02:12 | 000,088,064 | ---- | C] () -- D:\WINDOWS\System32\AudioExCtl.dll
[2006-12-28 13:44:59 | 000,765,952 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2006-12-28 13:44:59 | 000,180,224 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2006-12-28 13:22:55 | 000,000,069 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2006-12-28 13:22:54 | 000,013,824 | ---- | C] () -- D:\Documents and Settings\Przemek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-12-28 12:46:22 | 000,000,030 | ---- | C] () -- D:\WINDOWS\TextSpy.ini
[2006-12-28 12:29:02 | 000,000,164 | ---- | C] () -- D:\WINDOWS\avrack.ini
[2006-12-28 12:28:58 | 000,156,672 | ---- | C] () -- D:\WINDOWS\System32\RtlCPAPI.dll
[2006-12-28 09:28:49 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2006-12-28 09:26:40 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2006-06-01 23:10:25 | 003,596,288 | ---- | C] () -- D:\WINDOWS\System32\qt-dx331.dll
[2006-06-01 23:06:32 | 000,012,288 | ---- | C] () -- D:\WINDOWS\System32\DivXWMPExtType.dll
< End of report >

Re: Please check the OTL logs

09 Feb 2010, 23:36

Run OTL -> in the Custom Scans/Fixes box, paste:
:OTL
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\AutoRun\command - "" = L:\9fo3ar0j.exe -- File not found
O33 - MountPoints2\{5c017c36-029e-11df-965e-00148588ab5e}\Shell\open\Command - "" = L:\9fo3ar0j.exe -- File not found

Click Run Fix. Then:

In OTL, click CleanUp

Clean the disk and the registry with CCleaner

Turn System Restore off and back on for all drives -> [url=http://support.microsoft.com/kb/310405/pll/]Instructions[/url]

Run a full scan with Malwarebytes' Anti-Malware - if it finds anything, remove it and post the report

Re: Please check the OTL logs

10 Feb 2010, 10:18

Log from Malwarebytes' Anti-Malware

http://www.wklej.eu/index.php?id=09b8030646

Re: Please check the OTL logs

10 Feb 2010, 16:50

OK, now also empty the Malwarebytes quarantine.