pakiety internet security

bez · Lipiec 24, 2010

Na poczatku,witam serdecznie.

Teraz do rzeczy,otoz chcialem sobie kupic BitDefender Internet Security ale cos mnie natchnelo zeby najpierw sprawdzic triala(wiecie kot w worku itd..)wiec sciagnalem zainstalowalem,zresetowalem i zawiesil sie komputer(probowalem kilka razy).No nic,mysle sobie,nic straconego jak nie BitDefender to jakis inny.Z innymi to samo Avira,PCtools,Kaspersky,Norton,Comodo,pozniej juz nie probowalem innych.Wrocilem do Aviry free i firewalla PC Tools Firewall Plus.Po kazdej deinstalacji wyzej wymienionych czyscilem rejest.Moj konfig E2180,2gb Adata,hdd 500gb barracuda,msi hd 4850,win xp sp3.moze mial ktos tez podobny problem,jak to rozwiazac?.Formatowac nie chce.

Dziekuje z gory za dobre rady i pozdrawiam.

politan · Lipiec 24, 2010

Sprawdzałeś komputer pod kontem szkodników ? Przeskanuj go programem Malwarbytes Anti-Malware.

Sevard · Lipiec 24, 2010

Log ze skanowania wrzuć na forum. Do tego daj logi z OTL oraz GMERa (być może będzie trzeba odpalić go w trybie awaryjnym, ale najpierw spróbuj w normalnym).

Alaknar · Lipiec 24, 2010

Ja może zdanko wyjaśnienia powyższych dwóch postów...

Bez - jest całkiem sporo wirusów na tym świecie, które działają m. in. w ten sposób, że blokują możliwość (poprawnej) instalacji większości znanych (i mogących im zagrozić) antywirusów.

Możliwe, wobec tego, że z MBAMem też będzie problem (choć wątpię, bo on nie wymaga restartu kompa do działania). Ale nawet jeśli, log OTL i bystre oko Sevarda powinny rozwiązać problem.

bez · Lipiec 25, 2010

Witam.

oto logi,mam nadzieje ze o to chodzi

GMER

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit quick scan 2010-07-25 12:48:45

Windows 5.1.2600 Dodatek Service Pack 3

Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\uxrdqpog.sys

---- System - GMER 1.0.15 ----

SSDT spxo.sys ZwEnumerateKey [0xB9ECDDA4]

SSDT spxo.sys ZwEnumerateValueKey [0xB9ECE132]

---- Devices - GMER 1.0.15 ----

Device 89DE11F8

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

Device 89BB1500

Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

AttachedDevice \Driver\Tcpip \Device\Tcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

AttachedDevice \Driver\Tcpip \Device\Udp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

AttachedDevice \Driver\Tcpip \Device\RawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)

AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- EOF - GMER 1.0.15 ----

OTL:

OTL logfile created on: 2010-07-25 13:58:03 - Run 1

OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Administrator\Pulpit

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 53,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 156,25 Gb Total Space | 91,55 Gb Free Space | 58,59% Space Free | Partition Type: NTFS

Drive D: | 29,28 Gb Total Space | 8,10 Gb Free Space | 27,66% Space Free | Partition Type: FAT32

Drive E: | 156,25 Gb Total Space | 10,95 Gb Free Space | 7,01% Space Free | Partition Type: NTFS

Drive F: | 153,25 Gb Total Space | 146,96 Gb Free Space | 95,89% Space Free | Partition Type: NTFS

Drive G: | 14,90 Gb Total Space | 12,06 Gb Free Space | 80,98% Space Free | Partition Type: NTFS

Drive H: | 9,78 Gb Total Space | 5,24 Gb Free Space | 53,63% Space Free | Partition Type: FAT32

I: Drive not present or media not loaded

Drive J: | 37,27 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: BLACK

Current User Name: Administrator

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-07-25 13:53:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

PRC - [2010-06-30 14:52:22 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe

PRC - [2010-06-05 11:03:18 | 006,890,496 | ---- | M] (Creative Team S.A.) -- C:\Program Files\WapSter\WapSter AQQ\AQQ.exe

PRC - [2010-04-29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010-04-29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

PRC - [2010-04-29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2010-01-12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

PRC - [2010-01-10 18:49:13 | 000,862,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files\Ad Muncher\AdMunch.exe

PRC - [2009-11-12 14:48:56 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe

PRC - [2009-10-16 14:42:30 | 000,424,688 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe

PRC - [2009-10-08 22:59:10 | 001,063,072 | ---- | M] (Mischel Internet Security) -- C:\Program Files\TrojanHunter 5.2\THGuard.exe

PRC - [2009-06-29 07:01:51 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2009-03-05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PRC - [2009-01-17 16:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exe

PRC - [2008-07-21 13:37:06 | 000,086,016 | ---- | M] (Nektra S.A.) -- C:\Program Files\Common Files\Outlook Express API\launcher.exe

PRC - [2008-04-13 14:39:20 | 000,049,152 | ---- | M] (artArmin) -- C:\Program Files\Vista Drive Icon\DrvIcon.exe

PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

PRC - [2006-11-13 15:57:16 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe

PRC - [2006-11-13 15:57:06 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe

PRC - [2006-05-21 09:43:08 | 000,180,224 | ---- | M] () -- C:\Program Files\UberIcon\UberIcon.exe

========== Modules (SafeList) ==========

MOD - [2010-07-25 13:53:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

MOD - [2010-01-10 18:49:14 | 000,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files\Ad Muncher\AM31318.dll

MOD - [2009-11-18 21:12:06 | 000,070,960 | ---- | M] (Stardock.net, Inc) -- C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll

MOD - [2008-06-19 14:20:08 | 000,017,408 | ---- | M] () -- C:\Program Files\Tlen.pl\hook.dll

MOD - [2008-04-14 21:46:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

MOD - [2006-05-21 09:43:08 | 000,065,536 | ---- | M] () -- C:\Program Files\UberIcon\UberIcon.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\ersvc.dll -- (ERSvc)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\clipsrv.exe -- (ClipSrv)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\cisvc.exe -- (CiSvc)

SRV - File not found [Auto | Stopped] -- C:\Program Files\PC Tools Internet Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\alg.exe -- (ALG)

SRV - [2010-04-29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2009-12-17 17:36:24 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus?

SRV - [2009-11-12 14:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)

SRV - [2009-11-09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)

SRV - [2009-08-07 11:54:44 | 000,330,200 | ---- | M] (BitDefender S.R.L.) [Auto | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)

SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2006-11-03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\TfSysMon.sys -- (TfSysMon)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TfNetMon.sys -- (TfNetMon)

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\TfFsMon.sys -- (TfFsMon)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCAMPR5.SYS -- (PCAMPR5)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)

DRV - File not found [Kernel | On_Demand | Stopped] -- I:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)

DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\cfgtsj.sys -- (flaslrc)

DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)

DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Anti Keylogger Elite\AKEProtect.sys -- (AKEProtect)

DRV - [2010-07-05 13:22:52 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)

DRV - [2010-07-05 13:22:50 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2010-05-05 04:45:04 | 004,807,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2010-03-29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)

DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010-02-05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)

DRV - [2010-01-13 08:59:28 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)

DRV - [2010-01-12 09:34:14 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)

DRV - [2010-01-07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)

DRV - [2010-01-06 16:16:30 | 000,027,168 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rrnetcap.sys -- (RRNetCapMP)

DRV - [2010-01-06 16:16:30 | 000,027,168 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rrnetcap.sys -- (RRNetCap)

DRV - [2010-01-06 13:02:17 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010-01-06 11:57:25 | 000,016,608 | ---- | M] (Windows ? 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)

DRV - [2009-11-23 14:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)

DRV - [2009-11-12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)

DRV - [2009-10-16 14:33:08 | 000,114,928 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)

DRV - [2009-08-06 16:34:34 | 000,118,536 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)

DRV - [2009-08-06 16:34:34 | 000,110,728 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf)

DRV - [2009-07-24 12:26:08 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)

DRV - [2009-06-29 21:59:07 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112)

DRV - [2009-06-29 14:12:38 | 000,152,328 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm)

DRV - [2009-05-11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2008-07-30 04:30:37 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows ? Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008-02-14 11:04:06 | 004,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008-01-03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)

DRV - [2007-02-06 16:08:24 | 000,684,672 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb)

DRV - [2007-01-22 11:52:56 | 000,060,533 | ---- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm)

DRV - [2003-08-04 14:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)

DRV - [2003-01-10 23:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english

IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "AOL Search"

FF - prefs.js..browser.startup.homepage: "www.google.pl"

FF - prefs.js..extensions.enabledItems: {3ED591BC-7CC7-495B-A526-B2431356EDC1}:2.0

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..keyword.URL: "http://aolsearch.aol.com/aol/search?invocationType=client_searchbox&query="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2010-01-10 18:49:14 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\Documents and Settings\All Users\Dane aplikacji\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-23 12:52:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-10 17:25:10 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2010-01-10 18:49:14 | 000,000,000 | ---D | M]

[2010-01-31 21:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[2010-01-31 21:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010-07-23 20:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\vnfz5k7x.default\extensions

[2010-01-22 20:23:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\vnfz5k7x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010-07-03 21:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010-06-09 18:46:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2009-08-07 10:38:10 | 000,044,544 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Mozilla Firefox\components\FFComm.dll

[2010-04-12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010-01-22 20:26:12 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2008-03-06 12:12:18 | 000,002,275 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\aolsearch.xml

[2010-01-22 20:26:13 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2010-01-22 20:26:13 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2010-01-22 20:26:13 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2010-01-22 20:26:13 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2010-01-22 20:26:13 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-07-23 16:01:31 | 000,000,262 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 a204-2-160-40.deploy.akamaitechnologies.com

O1 - Hosts: 127.0.0.1 symantec.com.102.112.2o7.net

O1 - Hosts: 127.0.0.1 a96-7-151-238.deploy.akamaitechnologies.com

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - Reg Error: Value error. File not found

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - Reg Error: Value error. File not found

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - Reg Error: Value error. File not found

O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)

O4 - HKLM..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)

O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics )

O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [backgroundSwitcher] C:\WINDOWS\system32\bgswitch.exe ()

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe (artArmin)

O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Nektra OEAPI] C:\Program Files\Common Files\Outlook Express API\launcher.exe (Nektra S.A.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [THGuard] C:\Program Files\TrojanHunter 5.2\THGuard.exe (Mischel Internet Security)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe (Alcohol Soft Development Team)

O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe (Creative Team S.A.)

O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O4 - HKCU..\Run: [uberIcon] C:\Program Files\UberIcon\UberIcon.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 [2010-07-03 20:25:35 | 000,000,000 | ---D | M]

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Utwórz Ulubione dla urządzenia przenośnego... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra Button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - Reg Error: Value error. File not found

O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O16 - DPF: {1A781DED-4153-C22D-3213-A3211E29DF13} http://cached.gamedesire.com/g_bin/pl/cards_2_0_0_81.cab (GameDesire Card Games)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O20 - Winlogon\Notify\KeyScrambler: DllName - KeyScramblerLogon.dll - C:\WINDOWS\System32\KeyScramblerLogon.dll (QFX Software Corporation)

O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)

O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-01-06 11:29:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2006-01-15 19:59:00 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2008-10-13 09:17:13 | 000,000,043 | R--- | M] () - J:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{58911851-fab3-11de-9ff1-001d7dc9a223}\Shell - "" = AutoRun

O33 - MountPoints2\{58911851-fab3-11de-9ff1-001d7dc9a223}\Shell\AutoRun\command - "" = J:\Prawko.exe -- [2008-10-13 09:16:39 | 001,108,992 | R--- | M] (SPH CREDO)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-07-25 13:53:23 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

[2010-07-25 12:31:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE

[2010-07-25 12:30:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache

[2010-07-25 12:08:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Nowy folder (3)

[2010-07-24 19:47:03 | 000,000,000 | ---D | C] -- C:\_CLTUI_E894D6B5_E3CA_4561_A244_272400640573_Session1

[2010-07-24 19:47:03 | 000,000,000 | ---D | C] -- C:\_CLTUI_E894D6B5_E3CA_4561_A244_272400640573_Session0

[2010-07-24 19:44:50 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus

[2010-07-24 19:27:41 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2010-07-24 19:27:39 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2010-07-24 19:27:39 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2010-07-24 19:27:39 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2010-07-24 19:27:39 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2010-07-24 19:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2010-07-24 19:13:17 | 010,702,992 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Pulpit\fwinstall.exe

[2010-07-24 16:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Avira

[2010-07-24 16:17:24 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\explorer

[2010-07-24 16:13:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Nowy folder (2)

[2010-07-24 15:52:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent

[2010-07-24 09:33:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\PCToolsFirewallPlus

[2010-07-24 09:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Spam Monitor

[2010-07-24 09:29:50 | 000,149,456 | ---- | C] (PC Tools) -- C:\WINDOWS\SGDetectionTool.dll

[2010-07-24 09:29:49 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDCore.dll

[2010-07-24 09:29:49 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\WINDOWS\PCTBDRes.dll

[2010-07-24 09:29:13 | 000,233,136 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys

[2010-07-24 09:21:42 | 000,115,216 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplfw.sys

[2010-07-24 09:21:42 | 000,070,664 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys

[2010-07-24 09:21:42 | 000,058,816 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis.sys

[2010-07-24 09:21:42 | 000,032,680 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctNdis-DNS.sys

[2010-07-24 09:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\PC Tools

[2010-07-24 09:13:50 | 044,928,064 | ---- | C] (PC Tools ) -- C:\Documents and Settings\Administrator\Pulpit\issetup.exe

[2010-07-24 09:01:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Add-in Express

[2010-07-24 09:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Outlook Express API

[2010-07-24 09:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Tools

[2010-07-24 07:58:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Tific

[2010-07-24 07:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Tific

[2010-07-23 15:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\1262771043

[2010-07-23 15:32:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller

[2010-07-23 13:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\BD_TEMP

[2010-07-23 12:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\BitDefender

[2010-07-23 12:47:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender

[2010-07-20 20:09:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\WM_Administrat2 My Documents

[2010-07-20 19:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync

[2010-07-20 08:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\TrojanHunter 5.2

[2010-07-19 22:41:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2010-07-19 22:23:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\emsi

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\xerox

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\movie maker

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage

[2010-07-19 21:43:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ime

[2010-07-19 21:24:52 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010-07-19 20:59:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010-07-17 08:16:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\InsFiles

[2010-07-17 08:16:14 | 000,434,176 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmcfg32.dll

[2010-07-17 08:16:14 | 000,167,936 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmctrl.dll

[2010-07-17 08:16:11 | 000,446,464 | ---- | C] (STMicroelectronics ) -- C:\WINDOWS\System32\stmadsl.cpl

[2010-07-17 08:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\ZTE ZXDSL 852

[2010-07-12 10:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid

[2010-07-11 09:58:44 | 000,114,928 | ---- | C] (QFX Software Corporation) -- C:\WINDOWS\System32\drivers\keyscrambler.sys

[2010-07-11 09:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler

[2010-07-11 09:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2010-07-09 21:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer

[2010-07-06 11:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\LD-Anime

[2010-07-05 13:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Risen

[2010-07-05 13:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Risen

[2010-07-05 13:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies

[2010-07-05 13:22:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\AGEIA

[2010-07-05 13:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2010-07-04 21:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Abelssoft

[2010-07-04 21:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\WashAndGo

[2010-07-04 19:53:11 | 000,103,424 | ---- | C] (MailShare.pl) -- C:\WINDOWS\System32\Http Client_nat.dll

[2010-07-04 19:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\MailShare

[2010-07-03 20:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\3

[2010-07-03 20:25:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\2

[2010-07-03 20:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\1

[2010-07-03 19:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\foty

[2010-06-29 07:48:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\EBook

[2005-11-26 21:23:22 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.WIA.dll

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-07-25 13:53:23 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe

[2010-07-25 13:50:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010-07-25 13:49:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-07-25 13:48:31 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT

[2010-07-25 13:48:31 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini

[2010-07-25 12:54:38 | 000,015,888 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2010-07-25 12:54:17 | 000,118,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010-07-24 19:15:42 | 010,702,992 | ---- | M] ( ) -- C:\Documents and Settings\Administrator\Pulpit\fwinstall.exe

[2010-07-24 10:23:40 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Defraggler.lnk

[2010-07-24 09:20:21 | 044,928,064 | ---- | M] (PC Tools ) -- C:\Documents and Settings\Administrator\Pulpit\issetup.exe

[2010-07-24 08:54:09 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\qitekg.sys

[2010-07-23 22:55:37 | 002,644,582 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-07-23 16:01:31 | 000,000,262 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010-07-23 15:42:36 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI

[2010-07-22 19:03:09 | 000,209,458 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\edycja.htm

[2010-07-20 20:09:35 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\WM_Administrat2 My Documents.LNK

[2010-07-20 19:39:59 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc

[2010-07-20 08:36:30 | 000,000,692 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\TrojanHunter.lnk

[2010-07-19 22:58:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-07-19 21:35:08 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010-07-19 21:34:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.nav

[2010-07-19 21:24:55 | 000,000,275 | RHS- | M] () -- C:\boot.ini

[2010-07-19 19:54:46 | 000,002,156 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\fix.reg

[2010-07-19 19:47:13 | 000,000,474 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{174425B6-419F-43EB-BB4B-4601B8942590}.job

[2010-07-18 16:21:56 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Avira AntiVir Personal Profile Windows System Directory.LNK

[2010-07-17 08:17:37 | 000,011,390 | ---- | M] () -- C:\WINDOWS\stsetup.htm

[2010-07-17 08:17:19 | 000,001,416 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk

[2010-07-15 18:21:21 | 000,114,738 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\161358tapetki_koty_134.jpg

[2010-07-11 09:07:58 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk

[2010-07-09 21:44:04 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\CCleaner.lnk

[2010-07-09 21:32:52 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Trojan Killer.lnk

[2010-07-09 08:07:33 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010-07-07 16:32:24 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Wampiry - krótka historia.doc

[2010-07-05 13:22:52 | 000,281,760 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2010-07-05 13:22:50 | 000,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2010-07-04 21:39:22 | 000,001,598 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\1-Klick-EasyClean starten.lnk

[2010-07-04 21:39:22 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\WashAndGo.lnk

[2010-07-04 19:53:11 | 000,103,424 | ---- | M] (MailShare.pl) -- C:\WINDOWS\System32\Http Client_nat.dll

[2010-07-04 16:08:26 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MoorHunt.lnk

[2010-07-03 09:31:02 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Opera.lnk

[2010-07-01 17:04:42 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010-07-24 09:29:50 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll

[2010-07-24 09:29:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\RegSDImport.xml

[2010-07-24 09:29:50 | 000,000,879 | ---- | C] () -- C:\WINDOWS\RegISSImport.xml

[2010-07-24 09:29:50 | 000,000,131 | ---- | C] () -- C:\WINDOWS\IDB.zip

[2010-07-24 09:29:49 | 001,152,444 | ---- | C] () -- C:\WINDOWS\UDB.zip

[2010-07-24 09:29:13 | 000,007,387 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctgntdi.cat

[2010-07-24 09:21:42 | 000,007,435 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.cat

[2010-07-24 09:21:42 | 000,007,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctNdis-DNS.cat

[2010-07-24 09:21:42 | 000,007,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\pctplfw.cat

[2010-07-24 08:54:09 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\qitekg.sys

[2010-07-22 19:03:09 | 000,209,458 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\edycja.htm

[2010-07-20 20:09:35 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\WM_Administrat2 My Documents.LNK

[2010-07-20 19:39:59 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\$_hpcst$.hpc

[2010-07-20 08:36:30 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\TrojanHunter.lnk

[2010-07-19 21:24:54 | 000,262,400 | ---- | C] () -- C:\cmldr

[2010-07-19 21:20:10 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010-07-19 21:20:10 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010-07-19 19:54:46 | 000,002,156 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\fix.reg

[2010-07-18 16:21:56 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Avira AntiVir Personal Profile Windows System Directory.LNK

[2010-07-17 08:17:19 | 000,001,416 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ZTE ZXDSL 852.lnk

[2010-07-17 08:16:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\stmclean.exe

[2010-07-17 08:16:11 | 000,018,498 | ---- | C] () -- C:\WINDOWS\System32\CSALogo.bmp

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icStop.ico

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icShTx.ico

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icShTR.ico

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icShRx.ico

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icShow.ico

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icNoMo.ico

[2010-07-17 08:16:11 | 000,000,766 | ---- | C] () -- C:\WINDOWS\System32\icInit.ico

[2010-07-15 18:21:21 | 000,114,738 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\161358tapetki_koty_134.jpg

[2010-07-12 10:59:09 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2010-07-12 10:59:09 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2010-07-12 10:59:09 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax

[2010-07-11 09:07:57 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk

[2010-07-09 21:32:52 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Trojan Killer.lnk

[2010-07-07 16:32:24 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Wampiry - krótka historia.doc

[2010-07-05 13:20:36 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Risen.lnk

[2010-07-04 21:39:22 | 000,001,598 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\1-Klick-EasyClean starten.lnk

[2010-07-04 21:39:22 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\WashAndGo.lnk

[2010-06-07 17:37:38 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2010-05-03 19:05:16 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2010-03-19 14:56:53 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2010-03-12 10:19:29 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2010-02-27 12:19:28 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RUNAWAY.INI

[2010-01-23 13:34:55 | 000,000,119 | ---- | C] () -- C:\WINDOWS\Podcasts.INI

[2010-01-13 15:01:04 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2010-01-13 15:01:02 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2010-01-10 23:04:40 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll

[2010-01-10 16:02:41 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2010-01-09 15:02:58 | 000,684,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\torususb.sys

[2010-01-09 15:02:57 | 000,000,161 | ---- | C] () -- C:\WINDOWS\DSLSetup.ini

[2010-01-06 21:56:13 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini

[2010-01-06 14:03:13 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[2010-01-06 12:56:44 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys

[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat

[2009-01-15 13:45:34 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\txmlutil.dll

[2008-10-07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008-10-07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008-10-07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2008-08-24 18:38:56 | 000,099,480 | ---- | C] () -- C:\WINDOWS\System32\ShellExtension_x64.dll

[2008-08-24 18:38:54 | 000,093,336 | ---- | C] () -- C:\WINDOWS\System32\ShellExtension_x86.dll

[2008-08-24 18:38:50 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\Squish_x86.dll

[2008-08-24 18:38:50 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\Squish_x86_SSE2.dll

[2008-08-24 18:38:50 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\Squish_x64.dll

[2007-01-31 14:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 212 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:430C6D84

@Alternate Data Stream - 165 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DF462FF6

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:5160F090

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:C31F31E6

< End of report >

MBAM:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Wersja bazy: 4345

Windows 5.1.2600 Dodatek Service Pack 3

Internet Explorer 8.0.6001.18702

2010-07-25 14:27:36

mbam-log-2010-07-25 (14-27-36).txt

Typ skanowania: Pełne skanowanie (C:\|)

Przeskanowano obiektów: 169152

Upłynęło: 32 minut(y), 56 sekund(y)

Zainfekowanych procesów w pamięci: 0

Zainfekowanych modułów w pamięci: 0

Zainfekowanych kluczy rejestru: 0

Zainfekowanych wartości rejestru: 0

Zainfekowane informacje rejestru systemowego: 0

Zainfekowanych folderów: 0

Zainfekowanych plików: 1

Zainfekowanych procesów w pamięci:

(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:

(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:

(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:

(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:

(Nie znaleziono zagrożeń)

Zainfekowanych folderów:

(Nie znaleziono zagrożeń)

Zainfekowanych plików:

C:\System Volume Information\_restore{7A5352C4-226A-4F4B-B362-8D31EE3F0AB1}\RP281\A0285839.exe (Trojan.Downloader) -> No action taken.

Dzieki.

Sevard · Lipiec 25, 2010

Usuń programy emulujące wirtualne napędy, następnie odinstaluj sterownik spdt za pomocą narzędzia, które znajdziesz na tej stronie. Następnie wygeneruj nowe logi z GMERa i OTL i zamieść je na forum. Tego typu oprogramowanie niestety działa jak rootkity i trudno mi powiedzieć, czy część wpisów dotyczy tego oprogramowania, czy też jest to coś szkodliwego.

bez · Lipiec 26, 2010

Sorki ze dopiero teraz,wczoraj nie mialem czasu.Zrobilem tak jak napisales.

Logi:

GMER:

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit quick scan 2010-07-26 08:13:34

Windows 5.1.2600 Dodatek Service Pack 3

Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\uxrdqpog.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)