An info window about Search Setting opens before a folder opens

Post by karolinat_ » 15 Feb 2010, 23:17

Before every folder opens, a window pops up with info about Search Setting 1.2 (Windows wants to configure it but "of course" cannot).
The log is below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:22:01, on 2010-02-15
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
E:\WINDOWS\PixArt\PAC207\Monitor.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
E:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
E:\WINDOWS\system32\lxdxcoms.exe
E:\Program Files\DNA\btdna.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\MsPMSPSv.exe
E:\Program Files\OpenOffice.org 3\program\soffice.exe
E:\Program Files\OpenOffice.org 3\program\soffice.bin
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Nowe Gadu-Gadu\gg.exe
E:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\WINDOWS\system32\msiexec.exe
E:\Documents and Settings\Michal Walczak\Moje dokumenty\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - E:\Documents and Settings\Michal Walczak\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ulead Photo Express Calendar Checker] E:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\calcheck.exe
O4 - HKLM\..\Run: [SearchSettings] E:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [PAC207_Monitor] E:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] E:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [FaxCenterServer] "E:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [lxdxmon.exe] "E:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "E:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "E:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Odkurzacz-MCD] E:\Program Files\Odkurzacz\odk_mcd.exe
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "E:\Program Files\Nowe Gadu-Gadu\gg.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] E:\WINDOWS\system32\macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = E:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6247252171
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - E:\WINDOWS\system32\lxdxcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - https://www.bwin.com/style/img/spacer.gif

--
End of file - 8515 bytes



When it comes to computers I'm a complete novice, so I'll be grateful for any help. :) Thanks in advance

Re: please check my log from hijack

Post by karolinat_ » 15 Feb 2010, 23:36

I'm also adding the OTL and GMER reports

OTL logfile created on: 2010-02-15 22:23:00 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = E:\Documents and Settings\Michal Walczak\Moje dokumenty
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 124,00 Mb Available Physical Memory | 24,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 42,00% Paging File free
Paging file location(s): E:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 19,53 Gb Total Space | 19,40 Gb Free Space | 99,34% Space Free | Partition Type: NTFS
Drive D: | 39,06 Gb Total Space | 38,95 Gb Free Space | 99,71% Space Free | Partition Type: NTFS
Drive E: | 53,19 Gb Total Space | 2,16 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WALCZAK-A7A0E49
Current User Name: Michal Walczak
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-02-15 22:20:42 | 000,549,376 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\OTL.exe
PRC - [2010-02-15 21:21:04 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\HiJackThis.exe
PRC - [2009-12-18 14:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-11-12 21:22:49 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- E:\Program Files\DNA\btdna.exe
PRC - [2009-08-31 17:07:34 | 011,391,592 | ---- | M] (GG Network S.A.) -- E:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2009-08-31 15:56:26 | 000,077,824 | ---- | M] () -- E:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2009-08-17 17:07:23 | 000,081,000 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009-08-17 17:07:17 | 000,138,680 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009-08-17 17:07:01 | 000,254,040 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009-08-17 17:04:21 | 000,352,920 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009-08-17 16:58:55 | 000,018,752 | ---- | M] (ALWIL Software) -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009-04-23 04:16:44 | 007,418,368 | ---- | M] (OpenOffice.org) -- E:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009-04-23 04:15:34 | 007,424,000 | ---- | M] (OpenOffice.org) -- E:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008-09-18 14:33:17 | 000,611,664 | ---- | M] (Lavasoft) -- E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
PRC - [2008-03-20 07:25:43 | 000,025,256 | ---- | M] () -- E:\Program Files\Lexmark 3600-4600 Series\lxdxmsdmon.exe
PRC - [2008-03-20 07:25:42 | 000,668,328 | ---- | M] () -- E:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2008-02-28 01:53:25 | 000,594,600 | ---- | M] ( ) -- E:\WINDOWS\system32\lxdxcoms.exe
PRC - [2007-12-10 14:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- E:\WINDOWS\PixArt\PAC207\Monitor.exe
PRC - [2004-01-12 20:40:24 | 000,069,632 | ---- | M] (Ulead Systems, Inc.) -- E:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe
PRC - [2002-11-18 14:15:00 | 000,065,536 | ---- | M] (NVIDIA Corporation) -- E:\WINDOWS\system32\nvsvc32.exe
PRC - [2000-06-26 07:44:20 | 000,053,520 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\MsPMSPSv.exe


========== Modules (SafeList) ==========

MOD - [2010-02-15 22:20:42 | 000,549,376 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2009-08-17 17:07:17 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- E:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009-08-17 17:07:01 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009-08-17 17:04:21 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- E:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009-08-17 16:58:55 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008-09-18 14:33:17 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008-02-28 01:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- E:\WINDOWS\System32\lxdxcoms.exe -- (lxdx_device)
SRV - [2008-02-28 01:53:22 | 000,098,984 | ---- | M] () [Auto | Stopped] -- E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV - [2007-11-05 15:26:31 | 000,138,168 | ---- | M] (Google) [On_Demand | Stopped] -- E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2007-03-20 02:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- E:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2005-11-14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002-11-18 14:15:00 | 000,065,536 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2000-06-26 07:44:20 | 000,053,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- E:\WINDOWS\system32\MsPMSPSv.exe -- (WMDM PMSP Service)


========== Driver Services (SafeList) ==========

DRV - [2009-12-23 21:42:01 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009-12-23 21:42:01 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009-08-17 17:06:43 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009-08-17 17:05:52 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009-08-17 17:05:37 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- E:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-08-17 17:04:40 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009-08-17 17:04:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009-08-17 17:03:21 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009-02-26 21:23:12 | 000,023,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2008-11-20 20:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008-06-24 09:36:14 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2008-04-13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008-04-13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Sterownik audio USB (WDM)
DRV - [2008-02-13 12:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007-11-13 11:25:55 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006-09-18 13:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006-09-18 13:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006-09-18 13:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006-09-18 13:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006-09-18 13:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006-09-18 13:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006-09-18 13:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006-03-02 13:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2005-02-23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004-08-03 23:41:56 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\HSFDPSP2.sys -- (HSF_DP)
DRV - [2004-08-03 23:41:56 | 000,011,868 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- E:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2004-08-03 23:41:48 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\HSFBS2S2.sys -- (HSFHWBS2)
DRV - [2002-11-18 14:15:00 | 001,178,138 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2002-09-25 06:09:12 | 000,140,800 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2002-09-09 08:59:00 | 000,108,220 | R--- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\nvcap.sys -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2002-09-09 08:59:00 | 000,010,366 | R--- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\nvxbar.sys -- (NVXBAR)
DRV - [2002-07-24 14:52:26 | 000,998,004 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002-07-19 11:48:04 | 000,195,432 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002-07-19 11:47:52 | 000,837,548 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001-08-17 21:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001-07-30 11:34:28 | 000,585,840 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2001-07-16 12:17:30 | 000,076,610 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\basic2.sys -- (basic2)
DRV - [2001-07-16 12:16:58 | 000,539,917 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\v124nt.sys -- (V124)
DRV - [2001-07-15 19:05:54 | 000,067,222 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\rksample.sys -- (Rksample)
DRV - [2001-07-03 18:42:30 | 000,017,776 | ---- | M] (Conexant Systems) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\cnxtdiag.sys -- (Cnxtdiag)
DRV - [2001-06-24 18:16:36 | 000,427,215 | ---- | M] (Conexant) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\k56nt.sys -- (K56)
DRV - [2001-06-24 18:16:08 | 000,124,189 | ---- | M] (Conexant) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\fsksnt.sys -- (Fsks)
DRV - [2001-06-24 18:15:20 | 000,215,195 | ---- | M] (Conexant) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\faxnt.sys -- (SoftFax)
DRV - [2001-06-24 18:14:18 | 000,059,375 | ---- | M] (Conexant) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\tonesnt.sys -- (Tones)
DRV - [2001-06-24 18:13:56 | 000,308,403 | ---- | M] (Conexant) [Kernel | Auto | Running] -- E:\WINDOWS\system32\drivers\fallback.sys -- (Fallback)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ig
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\S-1-5-21-746137067-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\S-1-5-21-746137067-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"


[2009-10-08 21:01:15 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Mozilla\Extensions
[2009-10-29 21:52:50 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Mozilla\Firefox\Profiles\66ja0uvz.default\extensions
[2009-11-08 16:04:28 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2010-02-15 20:02:51 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions\[email protected]
[2008-09-04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- E:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll

O1 HOSTS File: ([2006-03-02 13:00:00 | 000,000,742 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - E:\Documents and Settings\Michal Walczak\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - e:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [avast!] E:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [FaxCenterServer] E:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [lxdxamon] E:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe ()
O4 - HKLM..\Run: [lxdxmon.exe] E:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4 - HKLM..\Run: [Monitor] E:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] E:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PAC207_Monitor] E:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SearchSettings] E:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.)
O4 - HKLM..\Run: [Ulead Photo Express Calendar Checker] E:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-746137067-261903793-725345543-1003..\Run: [BitTorrent DNA] E:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-746137067-261903793-725345543-1003..\Run: [Nowe Gadu-Gadu] E:\Program Files\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-746137067-261903793-725345543-1003..\Run: [Odkurzacz-MCD] E:\Program Files\Odkurzacz\odk_mcd.exe (Franmo Software)
O4 - HKU\S-1-5-21-746137067-261903793-725345543-1003..\RunOnce: [FlashPlayerUpdate] E:\WINDOWS\System32\macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: E:\Documents and Settings\Michal Walczak\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk = E:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-261903793-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O8 - Extra context menu item: Add to Google Photos Screensa&ver - E:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_04\bin\npjpi160_04.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - E:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O12 - Plugin for: .spop - E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDow ... eqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6247252171 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.113.224.36 217.113.224.35
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - https://www.bwin.com/style/img/spacer.gif
O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: E:\Documents and Settings\Michal Walczak\Moje dokumenty\Moje obrazy\untitled.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Michal Walczak\Moje dokumenty\Moje obrazy\untitled.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-10-29 12:03:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8bcf4ee6-87c7-11dd-8127-003005392223}\Shell - "" = AutoRun
O33 - MountPoints2\{8bcf4ee6-87c7-11dd-8127-003005392223}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - E:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-02-15 22:20:39 | 000,549,376 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\OTL.exe
[2010-02-15 21:21:03 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\HiJackThis.exe
[2010-02-15 15:08:18 | 000,000,000 | ---D | C] -- E:\Program Files\Microsoft Silverlight
[2010-02-15 15:07:46 | 004,938,120 | ---- | C] (Microsoft Corporation) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\Silverlight.exe
[2010-02-15 14:46:30 | 000,000,000 | ---D | C] -- E:\Program Files\MSBuild
[2010-02-15 14:46:20 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\XPSViewer
[2010-02-15 14:46:10 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\en-us
[2010-02-15 13:04:15 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\Logfiles
[2010-02-15 13:04:15 | 000,000,000 | ---D | C] -- E:\Inetpub
[2010-02-08 18:38:31 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\URTTEMP
[2010-02-08 18:37:06 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\08-02
[2010-01-20 21:08:08 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Michal Walczak\Pulpit\Paranienormalni.Mariolka.prawde.Ci.powie.2009.PL.DVDRip.XviD-Evolution.SG
[2010-01-20 20:50:58 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Michal Walczak\Pulpit\20-01 wynagrodzenie
[2010-01-10 22:20:37 | 000,438,272 | ---- | C] ( ) -- E:\WINDOWS\System32\LXDXhcp.dll
[2010-01-10 22:20:37 | 000,364,544 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxinpa.dll
[2010-01-10 22:20:37 | 000,339,968 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxiesc.dll
[2010-01-10 22:20:36 | 001,105,920 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxserv.dll
[2010-01-10 22:20:36 | 000,843,776 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxusb1.dll
[2010-01-10 22:20:36 | 000,647,168 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxpmui.dll
[2010-01-10 22:20:36 | 000,053,248 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxprox.dll
[2010-01-10 22:20:35 | 000,569,344 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxlmpm.dll
[2010-01-10 22:20:34 | 000,663,552 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxhbn3.dll
[2010-01-10 22:20:33 | 000,851,968 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxcomc.dll
[2010-01-10 22:20:33 | 000,376,832 | ---- | C] ( ) -- E:\WINDOWS\System32\lxdxcomm.dll
[2009-11-22 22:46:56 | 000,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Google
[2009-10-18 16:04:48 | 000,000,000 | --SD | M] -- E:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-08-05 12:03:20 | 000,000,000 | ---D | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2007-10-29 13:36:22 | 000,065,536 | R--- | C] ( ) -- E:\WINDOWS\System32\a3d.dll
[2007-10-29 12:06:56 | 000,000,000 | ---D | M] -- E:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2007-10-29 12:03:16 | 000,000,000 | --SD | M] -- E:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-02-15 22:21:00 | 005,767,168 | -H-- | M] () -- E:\Documents and Settings\Michal Walczak\NTUSER.DAT
[2010-02-15 22:20:42 | 000,549,376 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\OTL.exe
[2010-02-15 21:41:01 | 000,032,239 | ---- | M] () -- E:\Documents and Settings\Michal Walczak\Pulpit\wklej_eu - wklej kod, paste code, paste syntax.mht
[2010-02-15 21:21:04 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\HiJackThis.exe
[2010-02-15 20:05:41 | 000,003,888 | ---- | M] () -- E:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-0000000D-00001102-00000002-80651102}.rfx
[2010-02-15 20:05:41 | 000,003,888 | ---- | M] () -- E:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-0000000D-00001102-00000002-80651102}.rfx
[2010-02-15 19:59:42 | 000,013,732 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2010-02-15 16:49:18 | 000,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2010-02-15 16:49:08 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2010-02-15 16:49:06 | 535,875,584 | -HS- | M] () -- E:\hiberfil.sys
[2010-02-15 16:48:03 | 000,000,292 | -HS- | M] () -- E:\Documents and Settings\Michal Walczak\ntuser.ini
[2010-02-15 16:46:04 | 001,069,596 | ---- | M] () -- E:\WINDOWS\System32\PerfStringBackup.INI
[2010-02-15 16:46:04 | 000,499,590 | ---- | M] () -- E:\WINDOWS\System32\perfh015.dat
[2010-02-15 16:46:04 | 000,440,764 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2010-02-15 16:46:04 | 000,088,896 | ---- | M] () -- E:\WINDOWS\System32\perfc015.dat
[2010-02-15 16:46:04 | 000,071,082 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2010-02-15 16:08:05 | 001,459,888 | ---- | M] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2010-02-15 15:07:46 | 004,938,120 | ---- | M] (Microsoft Corporation) -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\Silverlight.exe
[2010-02-15 13:33:24 | 000,795,846 | ---- | M] () -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\cc_20100215_1333.reg
[2010-02-10 21:55:35 | 000,089,088 | ---- | M] () -- E:\Documents and Settings\Michal Walczak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-19 15:32:04 | 000,016,869 | ---- | M] () -- E:\Documents and Settings\Michal Walczak\Pulpit\2.2..odt
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-02-15 21:41:01 | 000,032,239 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Pulpit\wklej_eu - wklej kod, paste code, paste syntax.mht
[2010-02-15 13:33:10 | 000,795,846 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Moje dokumenty\cc_20100215_1333.reg
[2010-01-20 21:05:51 | 000,016,869 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Pulpit\2.2..odt
[2010-01-10 22:23:09 | 000,040,960 | ---- | C] () -- E:\WINDOWS\System32\lxdxvs.dll
[2010-01-10 22:23:05 | 000,360,448 | ---- | C] () -- E:\WINDOWS\System32\lxdxcoin.dll
[2010-01-10 22:22:18 | 000,782,336 | ---- | C] () -- E:\WINDOWS\System32\lxdxdrs.dll
[2010-01-10 22:22:18 | 000,081,920 | ---- | C] () -- E:\WINDOWS\System32\lxdxcaps.dll
[2010-01-10 22:22:18 | 000,069,632 | ---- | C] () -- E:\WINDOWS\System32\lxdxcnv4.dll
[2010-01-10 22:20:55 | 000,000,044 | ---- | C] () -- E:\WINDOWS\System32\lxdxrwrd.ini
[2010-01-10 22:20:37 | 000,348,160 | ---- | C] () -- E:\WINDOWS\System32\LXDXinst.dll
[2010-01-10 22:20:34 | 000,208,896 | ---- | C] () -- E:\WINDOWS\System32\lxdxgrd.dll
[2009-10-18 20:18:42 | 000,000,139 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2009-01-03 17:28:23 | 000,045,056 | ---- | C] () -- E:\WINDOWS\System32\LXF3PMON.DLL
[2009-01-03 17:28:23 | 000,032,768 | ---- | C] () -- E:\WINDOWS\System32\LXF3FXPU.DLL
[2009-01-03 17:28:22 | 000,053,248 | ---- | C] () -- E:\WINDOWS\System32\lxf3oem.dll
[2009-01-03 17:28:22 | 000,012,288 | ---- | C] () -- E:\WINDOWS\System32\LXF3PMRC.DLL
[2008-11-24 15:19:32 | 000,102,400 | ---- | C] () -- E:\WINDOWS\System32\ktzlib80_1.2.3.dll
[2008-10-17 21:05:36 | 000,112,688 | ---- | C] () -- E:\WINDOWS\System32\shw32.dll
[2008-10-13 16:22:33 | 000,000,399 | ---- | C] () -- E:\WINDOWS\System32\Remover.ini
[2008-10-13 16:22:31 | 000,000,566 | ---- | C] () -- E:\WINDOWS\System32\SP207.ini
[2008-10-11 17:11:14 | 000,000,427 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2008-09-08 19:53:34 | 000,044,544 | ---- | C] () -- E:\WINDOWS\System32\GIF89.DLL
[2008-09-08 19:53:31 | 000,237,568 | ---- | C] () -- E:\WINDOWS\System32\lame_enc.dll
[2008-09-08 19:30:10 | 000,000,038 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\burnaware.ini
[2008-05-08 11:29:59 | 000,000,796 | ---- | C] () -- E:\WINDOWS\VPlayer.INI
[2008-04-29 07:33:48 | 000,000,754 | ---- | C] () -- E:\WINDOWS\WORDPAD.INI
[2008-02-03 22:03:36 | 000,000,000 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\AVSDVDPlayer.m3u
[2008-02-03 22:02:26 | 000,139,264 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2008-01-18 10:11:06 | 000,002,045 | -H-- | C] () -- E:\Documents and Settings\All Users\Dane aplikacji\whlb32g.dll
[2008-01-06 18:52:23 | 000,000,072 | ---- | C] () -- E:\WINDOWS\Pex.INI
[2008-01-06 18:48:12 | 000,000,186 | ---- | C] () -- E:\WINDOWS\Ulead32.ini
[2007-11-24 16:39:03 | 000,164,352 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2007-11-24 16:39:02 | 000,524,288 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2007-11-20 13:52:15 | 000,001,106 | ---- | C] () -- E:\WINDOWS\bestplayer.ini
[2007-11-11 15:33:19 | 000,089,088 | ---- | C] () -- E:\Documents and Settings\Michal Walczak\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-11-05 20:33:03 | 000,000,097 | ---- | C] () -- E:\WINDOWS\System32\PICSDK.ini
[2007-11-05 20:27:51 | 000,000,026 | ---- | C] () -- E:\WINDOWS\CDE DX4000.ini
[2007-10-29 15:26:55 | 000,147,456 | ---- | C] () -- E:\WINDOWS\System32\RtlCPAPI.dll
[2007-10-29 13:36:09 | 000,000,011 | ---- | C] () -- E:\WINDOWS\SBWIN.INI
[2007-10-29 12:44:09 | 000,016,384 | R--- | C] () -- E:\WINDOWS\System32\e100bmsg.dll
[2006-10-22 12:22:00 | 001,662,976 | ---- | C] () -- E:\WINDOWS\System32\nvwdmcpl.dll
[2006-10-22 12:22:00 | 001,019,904 | ---- | C] () -- E:\WINDOWS\System32\nvwimg.dll
[2006-10-22 12:22:00 | 000,581,632 | ---- | C] () -- E:\WINDOWS\System32\nvhwvid.dll
[2006-10-22 12:22:00 | 000,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2006-10-22 12:22:00 | 000,212,992 | ---- | C] () -- E:\WINDOWS\System32\nvapi.dll
[2005-01-25 15:15:42 | 000,010,240 | ---- | C] () -- E:\WINDOWS\System32\PA207USD.DLL
[1999-01-22 17:46:58 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2009-08-09 16:47:25 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\DivoGames
[2008-10-15 21:05:08 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\Teleca
[2007-11-05 20:35:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\UDL
[2008-09-16 08:42:40 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems
[2007-11-14 20:10:09 | 000,000,000 | ---D | M] -- E:\Documents and Settings\All Users\Dane aplikacji\Zylom
[2009-08-17 18:26:02 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\ArcaMicroScan
[2009-06-24 20:59:19 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\BitTorrent
[2010-02-15 13:24:58 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\DeepBurner
[2010-02-15 22:22:33 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\DNA
[2008-04-29 07:37:52 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\EPSON
[2007-11-06 09:58:59 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Gadu-Gadu
[2007-10-29 13:38:17 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\InterTrust
[2009-02-26 21:09:57 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Kerio
[2010-01-10 22:26:14 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Lexmark Productivity Studio
[2009-06-24 20:59:19 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\LimeWire
[2009-01-27 19:09:39 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Nowe Gadu-Gadu
[2009-06-05 21:12:57 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\OpenOffice.org
[2010-02-15 22:08:17 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Search Settings
[2008-09-28 11:01:55 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Teleca
[2008-01-06 19:18:15 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Ulead Systems
[2007-11-14 21:28:16 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Michal Walczak\Dane aplikacji\Zylom
[2009-03-03 17:19:19 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ogólny\Dane aplikacji\BitTorrent
[2009-01-15 19:34:13 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ogólny\Dane aplikacji\Lexmark Productivity Studio
[2009-08-15 19:43:29 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ogólny\Dane aplikacji\Nowe Gadu-Gadu
[2010-02-14 17:35:00 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ogólny\Dane aplikacji\Search Settings
[2009-03-04 21:44:42 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ogólny\Dane aplikacji\Teleca

========== Purity Check ==========


< End of report >

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-15 22:34:55
Windows 5.1.2600 Dodatek Service Pack 3
Running: gmer.exe; Driver: E:\DOCUME~1\MICHAL~1\USTAWI~1\Temp\ffairaog.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xEDC8A82E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xEDC8A678]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xEDC8A7AC]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----
karolinat_
Forum member

Posts: 12
Joined: 15 Feb 2010, 22:55

Re: please check my hijack log

Post by mateo8898 » 15 Feb 2010, 23:48

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6


Paste logs on wklejorg or wklejto, and put only the link in your post.

Run OTL -> paste the following into the Custom Scans/Fixes box:
:OTL
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
[2010-02-15 20:02:51 | 000,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions\[email protected]
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
O3 - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4 - HKLM..\Run: [SearchSettings] E:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.)

:Files
E:\Program Files\Search Settings
E:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk
E:\Documents and Settings\Michal Walczak\Menu Start\Programy\Autostart\OpenOffice.org 3.1.lnk
E:\Documents and Settings\Ogólny\Dane aplikacji\Search Settings

:Commands
[emptytemp]

Click Run Fix. Post the removal log + a new OTL log.
mateo8898
Moderator

Posts: 15377
Joined: 15 May 2009, 14:55
Commendations: 966
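
The selection in the fix script above (every entry tied to one component, plus entries OTL could not resolve) can be reproduced as a triage pass over the log. This is an added example, not part of the thread or of OTL; the function names and the matching rule are assumptions, and the sample lines are copied from this thread's log and fix script.

```python
import re

# Lines copied verbatim from the OTL log and fix script in this thread.
SAMPLE_LOG = r"""
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
IE - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - E:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
O3 - HKU\S-1-5-21-746137067-261903793-725345543-1003\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4 - HKLM..\Run: [nwiz] E:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SearchSettings] E:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[2010-02-14 17:35:00 | 000,000,000 | ---D | M] -- E:\Documents and Settings\Ogólny\Dane aplikacji\Search Settings
""".strip().splitlines()

# Registry-style entries: "O4 - HKLM..\Run: [name] path (vendor)", "IE - ...".
ENTRY_RE = re.compile(r"^(?P<cat>IE|O\d+) - (?P<rest>.*)$")
# File listings: "[date time | size | attrs | C/M] (vendor) -- path".
FILE_RE = re.compile(
    r"^\[[\d-]+ [\d:]+ \| [\d,]+ \| (?P<attr>[-A-Z]{4}) \| [CM]\] "
    r"(?:\(.*?\) )?-- (?P<path>.+)$"
)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Strings OTL appends when it cannot resolve the target of an entry.
ORPHAN_MARKERS = ("File not found", "No CLSID value found", "Reg Error")


def parse_line(line):
    """Return {'category', 'text'} for a recognised log line, else None."""
    m = ENTRY_RE.match(line)
    if m:
        return {"category": m.group("cat"), "text": m.group("rest")}
    m = FILE_RE.match(line)
    if m:
        kind = "DIR" if "D" in m.group("attr") else "FILE"
        return {"category": kind, "text": m.group("path")}
    return None


def triage(lines, component):
    """Group entries that mention `component`; list unresolved ones separately.

    Matching ignores spaces and case, so "Search Settings" also catches the
    Run value name "[SearchSettings]". CLSIDs seen on component entries are
    collected so the registry can be searched for leftovers after removal.
    """
    needle = component.replace(" ", "").lower()
    report = {"component": [], "orphaned": [], "clsids": set()}
    for line in lines:
        entry = parse_line(line.strip())
        if entry is None:
            continue
        if needle in entry["text"].replace(" ", "").lower():
            report["component"].append(entry)
            report["clsids"].update(CLSID_RE.findall(entry["text"]))
        elif any(marker in entry["text"] for marker in ORPHAN_MARKERS):
            # Review hint only: the O34 "autocheck autochk *" line is the
            # Windows default BootExecute value and the thread's fix leaves it.
            report["orphaned"].append(entry)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG, "Search Settings")
    for entry in result["component"]:
        print("COMPONENT", entry["category"], entry["text"])
    for entry in result["orphaned"]:
        print("REVIEW   ", entry["category"], entry["text"])
    print("CLSIDs:", sorted(result["clsids"]))
```
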

Re: please check my hijack log

Post by karolinat_ » 16 Feb 2010, 00:32

PostUA: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 3.0.4506.2152; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.5.30729)


Wow, I don't know how you did it, but everything is OK now :) Many thanks :)

After restarting the computer I got this message:
http://www.wklej.eu/index.php?id=e61bfed1de

And here is the new OTL log:
http://www.wklej.eu/index.php?id=5d0f083617

Thanks again for your help and the time you spent, regards :)

Re: please check my hijack log

Post by mateo8898 » 16 Feb 2010, 09:40

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6


OK, removed.

In OTL click CleanUp

Clean the disk and the registry with CCleaner

Turn System Restore off and back on for all drives -> Instructions

Run a full scan with Malwarebytes' Anti-Malware - if it finds anything, remove it and post the report

Re: Before a folder opens, a Search Setting info window appears

Post by karolinat_ » 16 Feb 2010, 21:58

PostUA: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 3.0.4506.2152; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.5.30729)


Malwarebytes' Anti-Malware didn't detect anything, I'm attaching the report:
http://www.wklej.eu/index.php?id=87747117cc

Re: Before a folder opens, a Search Setting info window appears

Post by mateo8898 » 16 Feb 2010, 22:02

PostUA: Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6


It should be OK.

Re: Before a folder opens, a Search Setting info window appears

Post by karolinat_ » 16 Feb 2010, 22:23

PostUA: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 3.0.4506.2152; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.5.30729)


Thanks again for the help, I would never have managed on my own. Regards :)

