Mam jakiegoś wirusa :/ - Komputer Świat Ekspert

Strona 1 z 1

Nie możesz napisać tematu
Dodaj odpowiedź

Mam jakiegoś wirusa :/ Jestem totalnym laikiem proszącym o pomoc ;)

#1 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 12 marzec 2011, 21:26

Witam wszystkich.
To jest mój pierwszy post i mam nadzieję, że w dobrym miejscu tworzę ten temat.

Do rzeczy.. Wyskoczyło mi dziś już kilkakrotnie takie okienko do którego zamieszczam link poniżej

Print screen tego co widzę

Pomóżcie mi szybko coś z tym zrobić. Proszę.

Z góry dziękuję za odpowiedzi.

PS
Jeżeli potrzebujecie więcej informacji to pytajcie. Nie znam się za bardzo na komputerach ale jak wyjaśnicie mi krok po kroku co mam zrobić to będę bardzo wdzięczna

#2 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 12 marzec 2011, 21:57

NOD zablokował jakiś adres, co nie znaczy jeszcze, że komputer jest zainfekowany. Możesz dla pewności wrzucić logi z OTL i GMER

#3 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 12 marzec 2011, 23:39

Użytkownik mati8898 dnia 12 marzec 2011, 21:57 napisał

NOD zablokował jakiś adres, co nie znaczy jeszcze, że komputer jest zainfekowany. Możesz dla pewności wrzucić logi z OTL i GMER

O coś takiego Ci chodzi?

OTL logfile created on: 2011-03-12 22:03:21 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\0 instalki\poszukiwanie wirusow na kompie
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 143,75 Gb Free Space | 83,24% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 207,25 Gb Free Space | 70,74% Space Free | Partition Type: NTFS
Drive E: | 277,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MASTER-KOMPUTER | User Name: MASTER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-03-12 22:00:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\0 instalki\poszukiwanie wirusow na kompie\OTL.com
PRC - [2011-03-06 14:32:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-02-20 20:33:06 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-07-31 12:07:13 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-04-07 20:08:52 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009-08-04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009-08-04 16:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2006-09-15 12:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe

========== Modules (SafeList) ==========

MOD - [2011-03-12 22:00:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\0 instalki\poszukiwanie wirusow na kompie\OTL.com
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\ comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-05-05 03:15:10 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-04-07 20:13:22 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010-04-07 20:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-02-20 20:33:06 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-07-31 12:07:13 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-08-04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-12-17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007-01-11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010-07-30 18:48:00 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-05-05 03:47:08 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-05-05 02:23:24 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-04-07 20:10:22 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010-04-07 20:08:38 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010-04-07 20:05:24 | 000,164,912 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010-03-09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010-01-27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009-07-30 12:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-07-17 19:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007-04-09 10:37:18 | 012,342,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007-04-09 10:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\S-1-5-21-629509063-1113571351-4188246156-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-629509063-1113571351-4188246156-1000\Software\Microsoft\Windows\ CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.o2.pl/"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {14f6a182-4c6f-45ae-9f5a-aa3ccbb1cfa3}:3.2.5.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-03-06 14:32:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-06 14:32:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-07-29 23:30:22 | 000,000,000 | ---D | M]

[2010-07-30 17:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Extensions
[2011-03-12 17:18:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. default\extensions
[2010-11-29 15:36:29 | 000,000,000 | ---D | M] (InnoGames Polska Community Toolbar) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. default\extensions\{14f6a182-4c6f-45ae-9f5a-aa3ccbb1cfa3}
[2010-11-29 15:36:30 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. default\extensions\engine@conduit.com
[2011-01-16 17:54:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-03-06 14:32:46 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011-03-06 14:32:46 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-03-06 14:32:46 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-03-06 14:32:46 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-03-06 14:32:46 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-03-06 14:32:46 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EPSON Stylus SX200 Series] File not found
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EPSON Stylus SX200 Series (Kopia 1)] File not found
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-04-18 18:37:34 | 000,000,029 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{67395d80-9bfd-11df-af46-6cf049942394}\Shell - "" = AutoRun
O33 - MountPoints2\{67395d80-9bfd-11df-af46-6cf049942394}\Shell\AutoRun\command - "" = I:\Setup\rsrc\autorun.exe
O33 - MountPoints2\{67395d80-9bfd-11df-af46-6cf049942394}\Shell\dinstall\command - "" = I:\Directx\dxsetup.exe
O33 - MountPoints2\{a70c7f8e-9b60-11df-9008-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a70c7f8e-9b60-11df-9008-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EPSetup.exe -- [2008-01-28 05:43:00 | 000,636,848 | R--- | M] (SEIKO EPSON CORPORATION)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-03-11 20:50:28 | 000,000,000 | ---D | C] -- C:\Users\MASTER\Desktop\ss
[2011-03-09 19:29:11 | 000,000,000 | ---D | C] -- C:\Users\MASTER\Desktop\crow
[2011-03-09 16:18:05 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011-03-09 16:18:05 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011-03-09 16:18:04 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011-03-09 16:18:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011-03-09 16:18:03 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011-03-09 16:18:03 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011-03-09 16:18:03 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011-03-09 16:18:03 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011-03-09 16:18:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011-03-09 16:18:03 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011-03-09 16:18:02 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011-03-09 16:18:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011-03-09 16:18:01 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011-03-09 16:18:01 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011-03-09 16:18:00 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011-03-09 16:18:00 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011-03-05 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\VDownloader
[2011-03-05 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\VDownloader
[2011-03-05 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-03-05 19:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
[2011-03-05 19:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VDownloader
[2011-03-05 19:30:07 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-03-05 19:30:06 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\ProgSense
[2011-03-05 19:29:52 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\Orbit
[2011-02-27 13:23:32 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\EPSON
[2011-02-27 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2011-02-27 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
[2011-02-27 12:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2011-02-27 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
[2011-02-27 12:54:12 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK2.dll
[2011-02-27 12:54:12 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicPrt.dll
[2011-02-27 12:54:12 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICEntry.dll
[2011-02-27 12:54:12 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK.dll
[2011-02-27 12:54:12 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EPPicMgr.dll
[2011-02-27 12:53:47 | 000,083,968 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcwiad.dll
[2011-02-23 20:50:05 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011-02-23 20:50:05 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011-02-23 20:50:05 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011-02-23 20:50:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011-02-19 22:58:30 | 000,000,000 | ---D | C] -- C:\Users\MASTER\Desktop\taekwondo
[2010-10-15 19:09:00 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll

========== Files - Modified Within 30 Days ==========

[2011-03-12 21:15:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-03-12 20:29:49 | 000,021,517 | ---- | M] () -- C:\Users\MASTER\Desktop\wirus.png
[2011-03-12 14:52:17 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-03-12 14:52:17 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-03-12 14:52:17 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-03-12 14:52:17 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-03-12 14:52:17 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-03-12 14:47:54 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-03-12 14:47:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-03-12 14:47:43 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2011-03-12 11:12:12 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempPp1284.html
[2011-03-12 10:15:34 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-03-09 22:25:03 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempDr1408.html
[2011-03-09 22:25:03 | 000,002,089 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempHz1408.html
[2011-03-09 19:31:24 | 000,007,168 | -H-- | M] () -- C:\Users\MASTER\Desktop\photothumb.db
[2011-03-07 21:52:57 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempOM3824.html
[2011-03-07 21:52:57 | 000,002,089 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempDp3824.html
[2011-03-06 12:47:45 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115- 601632D005A0
[2011-03-06 12:47:45 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115- 601632D005A0
[2011-03-05 19:37:38 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\VDownloader.lnk
[2011-03-01 21:46:07 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempJv3404.html
[2011-03-01 21:46:07 | 000,002,089 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempLl3404.html
[2011-03-01 19:59:24 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempaC2864.html
[2011-03-01 19:59:24 | 000,002,089 | ---- | M] () -- C:\Users\MASTER\AppData\Local\Tempfk2864.html
[2011-02-27 13:01:06 | 000,002,288 | ---- | M] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk
[2011-02-27 12:54:06 | 000,002,235 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manual.lnk
[2011-02-27 12:53:47 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011-02-26 02:19:32 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2011-02-26 02:19:32 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2011-02-22 20:25:10 | 000,002,098 | ---- | M] () -- C:\Users\MASTER\.recently-used.xbel
[2011-02-22 19:36:42 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TemphV2244.html
[2011-02-20 20:33:06 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-02-20 20:33:06 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-02-19 07:37:10 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011-02-19 07:36:49 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011-02-19 06:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011-02-19 06:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011-02-18 22:01:36 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\Tempyt2856.html
[2011-02-18 22:01:36 | 000,002,089 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempHh2856.html
[2011-02-11 20:58:55 | 000,002,432 | ---- | M] () -- C:\Users\MASTER\AppData\Local\TempJY1708.html
[2011-02-11 20:58:55 | 000,002,089 | ---- | M] () -- C:\Users\MASTER\AppData\Local\Tempur1708.html
[2011-02-11 09:05:07 | 000,286,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011-03-12 20:29:48 | 000,021,517 | ---- | C] () -- C:\Users\MASTER\Desktop\wirus.png
[2011-03-12 10:31:45 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempPp1284.html
[2011-03-09 18:36:23 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempDr1408.html
[2011-03-09 18:36:23 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHz1408.html
[2011-03-07 21:27:05 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOM3824.html
[2011-03-07 21:27:05 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempDp3824.html
[2011-03-05 19:37:38 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011-03-05 19:37:38 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\VDownloader.lnk
[2011-03-01 21:08:42 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJv3404.html
[2011-03-01 21:08:42 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempLl3404.html
[2011-03-01 19:01:22 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempaC2864.html
[2011-03-01 19:01:22 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempfk2864.html
[2011-02-27 13:01:06 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk
[2011-02-27 12:54:12 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011-02-27 12:54:12 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011-02-27 12:54:12 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011-02-27 12:54:12 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011-02-27 12:54:12 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011-02-27 12:54:12 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011-02-27 12:54:12 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011-02-27 12:54:12 | 000,013,732 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2011-02-27 12:54:12 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011-02-27 12:54:12 | 000,006,442 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_IT.cfg
[2011-02-27 12:54:12 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2011-02-27 12:54:12 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2011-02-27 12:54:12 | 000,006,335 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_GE.cfg
[2011-02-27 12:54:12 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2011-02-27 12:54:12 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2011-02-27 12:54:12 | 000,006,122 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_DU.cfg
[2011-02-27 12:54:12 | 000,006,103 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2011-02-27 12:54:12 | 000,005,817 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_KO.cfg
[2011-02-27 12:54:12 | 000,005,436 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_SC.cfg
[2011-02-27 12:54:12 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011-02-27 12:54:12 | 000,002,889 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_RU.cfg
[2011-02-27 12:54:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_TC.cfg
[2011-02-27 12:54:12 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011-02-27 12:54:12 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011-02-27 12:54:12 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011-02-27 12:54:12 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011-02-27 12:54:12 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011-02-27 12:54:12 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011-02-27 12:54:12 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011-02-27 12:54:12 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011-02-27 12:54:12 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011-02-27 12:54:12 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011-02-27 12:54:06 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manual.lnk
[2011-02-27 12:53:47 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011-02-26 02:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011-02-26 02:19:32 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2011-02-22 20:25:10 | 000,002,098 | ---- | C] () -- C:\Users\MASTER\.recently-used.xbel
[2011-02-22 19:36:00 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemphV2244.html
[2011-02-18 22:00:58 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempyt2856.html
[2011-02-18 22:00:58 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHh2856.html
[2011-02-11 16:24:15 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJY1708.html
[2011-02-11 16:24:15 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempur1708.html
[2011-02-10 20:12:56 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempANI716.html
[2011-02-09 13:40:28 | 000,000,266 | ---- | C] () -- C:\Windows\game.ini
[2011-02-09 11:59:29 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempsW4004.html
[2011-02-09 11:59:29 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempEf4004.html
[2011-02-06 18:30:10 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempqu2812.html
[2011-01-27 19:01:57 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Templw3796.html
[2011-01-27 19:01:57 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempWB3796.html
[2011-01-25 20:51:48 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempVv3448.html
[2011-01-25 20:51:48 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempxW3448.html
[2011-01-23 20:53:06 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX200DEFGIPS.ini
[2011-01-23 19:24:19 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempYi3904.html
[2011-01-23 19:24:19 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempnd3904.html
[2011-01-22 16:50:33 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempwJ3424.html
[2011-01-22 16:50:33 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempoD3424.html
[2011-01-21 17:01:39 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempQT3564.html
[2011-01-21 17:01:39 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempXc3564.html
[2011-01-20 19:55:57 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempgD2468.html
[2011-01-20 19:55:57 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempgQ2468.html
[2011-01-19 16:55:36 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempnZ1232.html
[2011-01-19 16:55:36 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTv1232.html
[2011-01-18 17:49:32 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempAE1848.html
[2011-01-18 17:49:32 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempUY1848.html
[2011-01-17 20:37:12 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempre3928.html
[2011-01-17 20:37:12 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempXu3928.html
[2011-01-16 16:47:46 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempkv1584.html
[2011-01-16 16:47:46 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempQd1584.html
[2011-01-15 14:48:11 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempma3700.html
[2011-01-15 14:48:11 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempIc3700.html
[2011-01-08 16:32:54 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempKf3976.html
[2011-01-08 16:32:54 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempFW3976.html
[2011-01-06 17:49:35 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempwh3852.html
[2011-01-06 17:49:35 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTV3852.html
[2011-01-05 11:20:47 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTT4092.html
[2011-01-05 11:20:47 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempsK4092.html
[2011-01-03 12:05:46 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTV2756.html
[2011-01-03 12:05:46 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempDh2756.html
[2011-01-02 15:08:28 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempgd2480.html
[2011-01-02 15:08:28 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempIH2480.html
[2010-12-27 18:37:25 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temptt3844.html
[2010-12-27 18:37:25 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempna3844.html
[2010-12-26 17:31:59 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempwI2812.html
[2010-12-26 17:31:59 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTq2812.html
[2010-12-25 16:10:05 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempZJ3416.html
[2010-12-23 20:06:55 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempqb3948.html
[2010-12-22 22:00:27 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempxr2300.html
[2010-12-22 22:00:26 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempfj2300.html
[2010-12-19 11:51:39 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempzv1804.html
[2010-12-18 22:21:34 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempCn3356.html
[2010-12-18 22:21:34 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temprk3356.html
[2010-12-18 13:03:53 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempVv3088.html
[2010-12-18 13:03:53 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempks3088.html
[2010-12-17 20:22:51 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempiU3288.html
[2010-12-17 20:22:51 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempfY3288.html
[2010-12-16 20:20:07 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempUpv432.html
[2010-12-16 20:20:07 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempKxs432.html
[2010-12-16 16:50:41 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempBQ3576.html
[2010-12-16 16:50:41 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempFw3576.html
[2010-12-15 19:03:57 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempjY3680.html
[2010-12-15 19:03:57 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOQ3680.html
[2010-12-10 17:45:21 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempMwB936.html
[2010-12-10 17:45:21 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempnQo936.html
[2010-12-08 19:41:15 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempwV1000.html
[2010-12-08 19:41:15 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemphR1000.html
[2010-12-07 19:15:10 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempBx3788.html
[2010-12-07 19:15:10 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempoY3788.html
[2010-12-06 20:52:33 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHi1476.html
[2010-12-06 20:52:33 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHB1476.html
[2010-12-05 20:21:38 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTW3716.html
[2010-12-05 20:21:38 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTS3716.html
[2010-12-04 15:44:51 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempre1344.html
[2010-12-04 15:44:51 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempqH1344.html
[2010-12-03 17:38:19 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempLxw664.html
[2010-12-03 17:38:19 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempjsl664.html
[2010-12-02 17:38:13 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempjl2156.html
[2010-12-02 17:38:13 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempFB2156.html
[2010-12-01 15:21:25 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempqa3880.html
[2010-12-01 15:21:25 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temphd3880.html
[2010-11-29 15:43:34 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempEZh332.html
[2010-11-29 15:43:34 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemppdD332.html
[2010-11-26 16:40:28 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemprD3248.html
[2010-11-26 16:40:28 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempvU3248.html
[2010-11-24 19:23:54 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempbm3636.html
[2010-11-21 11:36:10 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempCb2604.html
[2010-11-18 19:41:05 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemppO3800.html
[2010-11-18 19:41:05 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempqO3800.html
[2010-11-13 11:42:02 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempct3944.html
[2010-11-13 11:42:02 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempyH3944.html
[2010-11-12 20:05:53 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempQo4060.html
[2010-11-11 18:50:01 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOH3736.html
[2010-11-11 18:50:01 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempxU3736.html
[2010-11-10 19:53:50 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempMt3188.html
[2010-11-10 19:53:50 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempMg3188.html
[2010-11-09 22:21:31 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempgC2752.html
[2010-11-09 22:21:31 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJd2752.html
[2010-10-26 20:18:25 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempeJ2552.html
[2010-10-26 20:18:25 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJg2552.html
[2010-10-26 15:58:12 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempEa3176.html
[2010-10-26 15:58:12 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempWR3176.html
[2010-10-25 16:40:26 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempsT3384.html
[2010-10-25 16:40:26 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempAW3384.html
[2010-10-23 18:23:58 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempmM3896.html
[2010-10-23 18:23:58 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempyh3896.html
[2010-10-22 18:49:37 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemplC3160.html
[2010-10-22 18:49:37 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOB3160.html
[2010-10-21 16:10:06 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempDq3948.html
[2010-10-21 16:10:06 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempTJ3948.html
[2010-10-20 19:47:04 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempxo3248.html
[2010-10-20 19:47:04 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempUn3248.html
[2010-10-20 19:45:31 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempdB2976.html
[2010-10-20 19:45:31 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempxr2976.html
[2010-10-19 18:27:39 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempPc2936.html
[2010-10-19 18:27:39 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOS2936.html
[2010-10-18 18:16:00 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempoq4072.html
[2010-10-18 18:16:00 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempwf4072.html
[2010-10-17 09:49:05 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temprx3880.html
[2010-10-17 09:49:05 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempKC3880.html
[2010-10-16 20:29:11 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempNJ2688.html
[2010-10-16 20:29:11 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempuJ2688.html
[2010-10-16 10:22:21 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempnA3312.html
[2010-10-16 10:22:21 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempKm3312.html
[2010-10-15 19:09:07 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2010-10-15 19:09:02 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys
[2010-10-15 19:09:01 | 012,039,552 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys
[2010-10-15 17:52:43 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempzj3684.html
[2010-10-15 17:52:43 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempnB3684.html
[2010-10-14 16:52:10 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempup2100.html
[2010-10-14 16:52:10 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempYx2100.html
[2010-10-13 20:12:01 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempjq3696.html
[2010-10-13 20:12:01 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempav3696.html
[2010-10-12 20:36:21 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempSV3904.html
[2010-10-12 20:36:21 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempYJ3904.html
[2010-10-11 16:45:28 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temppq2040.html
[2010-10-11 16:45:28 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempXj2040.html
[2010-10-10 10:36:01 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempid2496.html
[2010-10-10 10:36:01 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempMI2496.html
[2010-10-09 09:05:52 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempGG2040.html
[2010-10-09 09:05:52 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempEW2040.html
[2010-10-08 19:00:35 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOEJ316.html
[2010-10-08 19:00:35 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempdLg316.html
[2010-10-07 15:16:24 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempLQ4004.html
[2010-10-07 15:16:24 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempab4004.html
[2010-10-06 16:13:40 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempmV3380.html
[2010-10-06 16:13:40 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempNj3380.html
[2010-10-05 20:43:28 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempzc2572.html
[2010-10-05 20:43:28 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempWX2572.html
[2010-10-04 19:29:07 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Templa3272.html
[2010-10-04 19:29:07 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempnU3272.html
[2010-10-03 08:04:29 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempbi3228.html
[2010-10-03 08:04:29 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempGL3228.html
[2010-10-02 15:17:01 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempza2848.html
[2010-10-02 15:17:01 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJt2848.html
[2010-10-01 18:00:27 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempmg1124.html
[2010-10-01 18:00:27 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempgo1124.html
[2010-09-30 20:02:53 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHk3372.html
[2010-09-30 20:02:53 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempwn3372.html
[2010-09-29 19:53:00 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempUx1292.html
[2010-09-29 19:53:00 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempZh1292.html
[2010-09-28 19:52:59 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempzL2004.html
[2010-09-28 19:52:59 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempbt2004.html
[2010-09-27 18:08:34 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempns4064.html
[2010-09-27 18:08:34 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempYH4064.html
[2010-09-26 18:59:40 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempmk3420.html
[2010-09-26 18:59:40 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempLa3420.html
[2010-09-26 13:27:46 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempqQ4060.html
[2010-09-26 13:27:46 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempRW4060.html
[2010-09-23 15:55:33 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHr3372.html
[2010-09-23 15:55:33 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempZn3372.html
[2010-09-22 19:45:58 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempfj1748.html
[2010-09-22 19:45:58 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temppt1748.html
[2010-09-21 16:40:10 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempGq2388.html
[2010-09-21 16:40:10 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempSH2388.html
[2010-09-20 18:05:03 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempmg3804.html
[2010-09-20 18:05:03 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHc3804.html
[2010-09-19 19:49:28 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJu1268.html
[2010-09-19 19:49:28 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempXY1268.html
[2010-09-19 08:05:15 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempgW1308.html
[2010-09-19 08:05:15 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempuU1308.html
[2010-09-18 11:16:41 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempjTc528.html
[2010-09-18 11:16:41 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempNDH528.html
[2010-09-17 18:18:47 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempDTJ292.html
[2010-09-17 18:18:47 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempOik292.html
[2010-09-16 19:16:16 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempUS3088.html
[2010-09-16 19:16:16 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempdN3088.html
[2010-09-16 17:18:06 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempWt2424.html
[2010-09-16 17:18:06 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempoI2424.html
[2010-09-15 20:01:58 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemptwU328.html
[2010-09-14 17:48:32 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempWQ3468.html
[2010-09-14 17:48:32 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempzH3468.html
[2010-09-13 18:10:58 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemplC1036.html
[2010-09-13 18:10:58 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempiP1036.html
[2010-09-12 19:36:03 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempxsL164.html
[2010-09-11 17:01:19 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempUH3632.html
[2010-09-11 17:01:19 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJu3632.html
[2010-09-10 16:17:59 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempLw3960.html
[2010-09-10 16:17:59 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempQx3960.html
[2010-09-09 20:23:21 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempVj1884.html
[2010-09-09 20:23:21 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempAt1884.html
[2010-09-08 17:05:09 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempcW1040.html
[2010-09-08 17:05:09 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempeb1040.html
[2010-09-06 19:19:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-09-06 19:15:05 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempZD2712.html
[2010-09-06 19:15:05 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Temptx2712.html
[2010-09-05 14:03:25 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempYf3096.html
[2010-09-05 14:03:25 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempGB3096.html
[2010-09-04 10:14:51 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempfSF356.html
[2010-09-04 10:14:51 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempkvF356.html
[2010-09-03 20:08:58 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempMB3964.html
[2010-09-03 20:08:58 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempzM3964.html
[2010-09-03 11:35:20 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TemprLO328.html
[2010-09-03 11:35:20 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempErt328.html
[2010-09-02 10:04:15 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempty1860.html
[2010-09-02 10:04:15 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Templr1860.html
[2010-09-01 18:13:32 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempjJ1752.html
[2010-09-01 18:13:32 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempbA1752.html
[2010-09-01 15:30:52 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempMUj740.html
[2010-09-01 15:30:52 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempJsY740.html
[2010-08-31 15:34:42 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempfR2992.html
[2010-08-31 15:34:42 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempBP2992.html
[2010-08-30 19:08:03 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempEK3132.html
[2010-08-30 19:08:03 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempSA3132.html
[2010-08-29 18:16:32 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempLU3940.html
[2010-08-29 18:16:32 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempZo3940.html
[2010-08-29 10:24:55 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempHV3408.html
[2010-08-29 10:24:55 | 000,002,089 | ---- | C] () -- C:\Users\MASTER\AppData\Local\Tempbw3408.html
[2010-08-28 21:31:53 | 000,002,432 | ---- | C] () -- C:\Users\MASTER\AppData\Local\TempjCK708.html
[2010-08-11 19:26:40 | 000,005,120 | ---- | C] () -- C:\Users\MASTER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-31 12:07:13 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010-07-31 11:31:23 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-07-31 11:31:22 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-07-31 11:31:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010-07-30 18:45:53 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-07-30 18:45:52 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-07-30 18:45:45 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-07-30 18:45:45 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-07-30 18:45:37 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-07-30 17:55:38 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-07-29 23:37:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010-07-29 23:35:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-04-28 22:17:50 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009-08-27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== LOP Check ==========

[2010-07-30 18:44:36 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Ashampoo
[2010-08-10 20:20:10 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Ashampoo Photo Commander 7
[2010-07-31 11:21:39 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\DAEMON Tools Lite
[2011-02-27 13:23:32 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\EPSON
[2010-07-30 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Foxit
[2010-08-28 21:30:21 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Gadu-Gadu 10
[2011-02-22 20:21:27 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\gtk-2.0
[2010-09-19 08:05:51 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\OpenFM
[2011-03-05 19:31:41 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Orbit
[2010-09-11 09:11:02 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\PhotoScape
[2011-03-05 19:30:06 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\ProgSense
[2011-03-05 20:04:02 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\VDownloader
[2011-02-15 16:05:54 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Mam czegoś w tym poszukać?

#4 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 13 marzec 2011, 09:08

Nie podałaś drugiego logu z OTL (Extras) oraz logu z Gmer. Uzupełnij to.

#5 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 13 marzec 2011, 12:30

Użytkownik mati8898 dnia 13 marzec 2011, 09:08 napisał

Nie podałaś drugiego logu z OTL (Extras) oraz logu z Gmer. Uzupełnij to.

Nie zauważyłam

OTL Extras logfile created on: 2011-03-12 22:03:21 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\0 instalki\poszukiwanie wirusow na kompie
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 143,75 Gb Free Space | 83,24% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 207,25 Gb Free Space | 70,74% Space Free | Partition Type: NTFS
Drive E: | 277,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MASTER-KOMPUTER | User Name: MASTER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-629509063-1113571351-4188246156-1000\SOFTWARE\Classes\<extension> ]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{109E296E-EC1F-4AE3-98F6-037626BBFE82}" = ESET NOD32 Antivirus
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}" = AMD Drag and Drop Transcoding
"{9221C55E-0D1E-BA0E-5219-0564AF763AE7}" = ATI Catalyst Install Manager
"{E1D6317F-4893-6517-838B-ECC5489D1711}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Defraggler" = Defraggler
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02993992-FF7E-03C0-3BF7-E892F2CD2B8F}" = Catalyst Control Center HydraVision Full
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{218E787C-BADD-2284-AF4E-A1FA0D56772C}" = Catalyst Control Center Graphics Full Existing
"{21F791BA-E80A-0EEF-9B63-105EB939A5B2}" = CCC Help English
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB6729C-A255-4BC6-90B3-B29F9924C6F5}" = Activision®
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{44B49543-F839-46ED-61B9-3C91D71C7355}" = Catalyst Control Center Graphics Full New
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{58401B8E-0889-63C2-1E06-7C6530426411}" = Catalyst Control Center Graphics Previews Vista
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Trust Webcam 15007
"{7775B0BF-EC23-00B3-2E0F-D3FE89939C06}" = Catalyst Control Center Core Implementation
"{7AAAB55F-BB15-CEF4-9174-4AF79272D9EE}" = Catalyst Control Center Graphics Light
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty® 2 Patch 1.3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Kariera
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Wymarzone Podróże
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{CE6B96AF-83ED-9054-0B21-A68AF2EAF106}" = Catalyst Control Center InstallProxy
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D903102F-8294-97B5-3416-67DA5A71C87F}" = Catalyst Control Center Graphics Previews Common
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DFDB7828-15CF-4507-4998-D0B17A356705}" = ccc-core-static
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E935DF41-EB7A-4519-93E8-C5822EB5B6D6}" = Alicja w Krainie Czarów
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Szybka jazda Akcesoria
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.10
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200_SX400_TX200_TX400 User’s Guide" = EPSON Stylus SX200_SX400_TX200_TX400 Manual
"Foxit Reader" = Foxit Reader
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{2EB6729C-A255-4BC6-90B3-B29F9924C6F5}" = SHReK TRZeCI™
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.2.0
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"VLC media player" = VLC media player 1.1.1
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinPcapInst" = WinPcap 4.1.1
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-629509063-1113571351-4188246156-1000\SOFTWARE\Microsoft\Windows\ CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

I ten GMER:

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-03-13 12:29:33
Windows 6.1.7600
Running: gmer.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x5A 0xF5 0x87 0x0E ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001@hdf12 0x3F 0x87 0x1B 0x23 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq0@hdf12 0xE6 0xC0 0x3F 0x57 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq1@hdf12 0x6D 0x4D 0xA6 0x85 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq2
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq2@hdf12 0x34 0xA1 0xA9 0xEF ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x5A 0xF5 0x87 0x0E ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001@hdf12 0x3F 0x87 0x1B 0x23 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq0@hdf12 0xE6 0xC0 0x3F 0x57 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq1@hdf12 0x6D 0x4D 0xA6 0x85 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq2 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\ 00000001\gdq2@hdf12 0x34 0xA1 0xA9 0xEF ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\MASTER\Desktop\ATI Catalyst\x2122 version 10.5\Windows 7 64-bit\10-5_vista64_win7_64_dd_ccc_enu.exe 1

---- EOF - GMER 1.0.15 ----

#6 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 13 marzec 2011, 14:58

W logach nic szkodliwego nie widać, tylko "kosmetyka".

Uruchom OTL -> w oknie Własne opcje skanowania/skrypt wklej:

:OTL
[2010-11-29 15:36:30 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis.
 default\extensions\engine@conduit.com 
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found 

:Files
C:\Users\MASTER\AppData\Local\Temp*.html 

:Commands
[emptytemp]

Klikasz Wykonaj skrypt. Dajesz log z usuwania + nowe logi z OTL.

Dorzuć także log z TDSSKiller -> http://forum.instalk...tart=15#p120292

#7 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 13 marzec 2011, 16:15

Po wykonaniu tego skryptu pojawił mi się nowy folder na dysku C: nazwany jest "_OTL" i w środku jest kilka folderów (jeden w drugim), a na końcu jest dużo plików temp...
Mogę to usunąć czy to ważne coś?

A tu ten skrypt:

All processes killed
========== OTL ==========
Folder C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. \ not found.
Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\ \mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\ \mctadmin deleted successfully.
========== FILES ==========
C:\Users\MASTER\AppData\Local\Tempab4004.html moved successfully.
C:\Users\MASTER\AppData\Local\TempaC2864.html moved successfully.
C:\Users\MASTER\AppData\Local\TempAE1848.html moved successfully.
C:\Users\MASTER\AppData\Local\TempANI716.html moved successfully.
C:\Users\MASTER\AppData\Local\TempAt1884.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempav3696.html moved successfully.
C:\Users\MASTER\AppData\Local\TempAW3384.html moved successfully.
C:\Users\MASTER\AppData\Local\TempbA1752.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempbi3228.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempbm3636.html moved successfully.
C:\Users\MASTER\AppData\Local\TempBP2992.html moved successfully.
C:\Users\MASTER\AppData\Local\TempBQ3576.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempbt2004.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempbw3408.html moved successfully.
C:\Users\MASTER\AppData\Local\TempBx3788.html moved successfully.
C:\Users\MASTER\AppData\Local\TempCb2604.html moved successfully.
C:\Users\MASTER\AppData\Local\TempCn3356.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempct3944.html moved successfully.
C:\Users\MASTER\AppData\Local\TempcW1040.html moved successfully.
C:\Users\MASTER\AppData\Local\TempdB2976.html moved successfully.
C:\Users\MASTER\AppData\Local\TempDh2756.html moved successfully.
C:\Users\MASTER\AppData\Local\TempdLg316.html moved successfully.
C:\Users\MASTER\AppData\Local\TempdN3088.html moved successfully.
C:\Users\MASTER\AppData\Local\TempDp3824.html moved successfully.
C:\Users\MASTER\AppData\Local\TempDq3948.html moved successfully.
C:\Users\MASTER\AppData\Local\TempDr1408.html moved successfully.
C:\Users\MASTER\AppData\Local\TempDTJ292.html moved successfully.
C:\Users\MASTER\AppData\Local\TempEa3176.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempeb1040.html moved successfully.
C:\Users\MASTER\AppData\Local\TempEf4004.html moved successfully.
C:\Users\MASTER\AppData\Local\TempeJ2552.html moved successfully.
C:\Users\MASTER\AppData\Local\TempEK3132.html moved successfully.
C:\Users\MASTER\AppData\Local\TempErt328.html moved successfully.
C:\Users\MASTER\AppData\Local\TempEW2040.html moved successfully.
C:\Users\MASTER\AppData\Local\TempEZh332.html moved successfully.
C:\Users\MASTER\AppData\Local\TempFB2156.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempfj1748.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempfj2300.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempfk2864.html moved successfully.
C:\Users\MASTER\AppData\Local\TempfR2992.html moved successfully.
C:\Users\MASTER\AppData\Local\TempfSF356.html moved successfully.
C:\Users\MASTER\AppData\Local\TempFw3576.html moved successfully.
C:\Users\MASTER\AppData\Local\TempFW3976.html moved successfully.
C:\Users\MASTER\AppData\Local\TempfY3288.html moved successfully.
C:\Users\MASTER\AppData\Local\TempGB3096.html moved successfully.
C:\Users\MASTER\AppData\Local\TempgC2752.html moved successfully.
C:\Users\MASTER\AppData\Local\TempgD2468.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempgd2480.html moved successfully.
C:\Users\MASTER\AppData\Local\TempGG2040.html moved successfully.
C:\Users\MASTER\AppData\Local\TempGL3228.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempgo1124.html moved successfully.
C:\Users\MASTER\AppData\Local\TempGq2388.html moved successfully.
C:\Users\MASTER\AppData\Local\TempgQ2468.html moved successfully.
C:\Users\MASTER\AppData\Local\TempgW1308.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHB1476.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHc3804.html moved successfully.
C:\Users\MASTER\AppData\Local\Temphd3880.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHh2856.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHi1476.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHk3372.html moved successfully.
C:\Users\MASTER\AppData\Local\TemphR1000.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHr3372.html moved successfully.
C:\Users\MASTER\AppData\Local\TemphV2244.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHV3408.html moved successfully.
C:\Users\MASTER\AppData\Local\TempHz1408.html moved successfully.
C:\Users\MASTER\AppData\Local\TempIc3700.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempid2496.html moved successfully.
C:\Users\MASTER\AppData\Local\TempIH2480.html moved successfully.
C:\Users\MASTER\AppData\Local\TempiP1036.html moved successfully.
C:\Users\MASTER\AppData\Local\TempiU3288.html moved successfully.
C:\Users\MASTER\AppData\Local\TempjCK708.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJd2752.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJg2552.html moved successfully.
C:\Users\MASTER\AppData\Local\TempjJ1752.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempjl2156.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempjq3696.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempjsl664.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJsY740.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJt2848.html moved successfully.
C:\Users\MASTER\AppData\Local\TempjTc528.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJu1268.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJu3632.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJv3404.html moved successfully.
C:\Users\MASTER\AppData\Local\TempJY1708.html moved successfully.
C:\Users\MASTER\AppData\Local\TempjY3680.html moved successfully.
C:\Users\MASTER\AppData\Local\TempKC3880.html moved successfully.
C:\Users\MASTER\AppData\Local\TempKf3976.html moved successfully.
C:\Users\MASTER\AppData\Local\TempKm3312.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempks3088.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempkv1584.html moved successfully.
C:\Users\MASTER\AppData\Local\TempkvF356.html moved successfully.
C:\Users\MASTER\AppData\Local\TempKxs432.html moved successfully.
C:\Users\MASTER\AppData\Local\Templa3272.html moved successfully.
C:\Users\MASTER\AppData\Local\TempLa3420.html moved successfully.
C:\Users\MASTER\AppData\Local\TemplC1036.html moved successfully.
C:\Users\MASTER\AppData\Local\TemplC3160.html moved successfully.
C:\Users\MASTER\AppData\Local\TempLl3404.html moved successfully.
C:\Users\MASTER\AppData\Local\TempLQ4004.html moved successfully.
C:\Users\MASTER\AppData\Local\Templr1860.html moved successfully.
C:\Users\MASTER\AppData\Local\TempLU3940.html moved successfully.
C:\Users\MASTER\AppData\Local\Templw3796.html moved successfully.
C:\Users\MASTER\AppData\Local\TempLw3960.html moved successfully.
C:\Users\MASTER\AppData\Local\TempLxw664.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempma3700.html moved successfully.
C:\Users\MASTER\AppData\Local\TempMB3964.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempmg1124.html moved successfully.
C:\Users\MASTER\AppData\Local\TempMg3188.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempmg3804.html moved successfully.
C:\Users\MASTER\AppData\Local\TempMI2496.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempmk3420.html moved successfully.
C:\Users\MASTER\AppData\Local\TempmM3896.html moved successfully.
C:\Users\MASTER\AppData\Local\TempMt3188.html moved successfully.
C:\Users\MASTER\AppData\Local\TempMUj740.html moved successfully.
C:\Users\MASTER\AppData\Local\TempmV3380.html moved successfully.
C:\Users\MASTER\AppData\Local\TempMwB936.html moved successfully.
C:\Users\MASTER\AppData\Local\TempnA3312.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempna3844.html moved successfully.
C:\Users\MASTER\AppData\Local\TempnB3684.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempnd3904.html moved successfully.
C:\Users\MASTER\AppData\Local\TempNDH528.html moved successfully.
C:\Users\MASTER\AppData\Local\TempNJ2688.html moved successfully.
C:\Users\MASTER\AppData\Local\TempNj3380.html moved successfully.
C:\Users\MASTER\AppData\Local\TempnQo936.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempns4064.html moved successfully.
C:\Users\MASTER\AppData\Local\TempnU3272.html moved successfully.
C:\Users\MASTER\AppData\Local\TempnZ1232.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOB3160.html moved successfully.
C:\Users\MASTER\AppData\Local\TempoD3424.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOEJ316.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOH3736.html moved successfully.
C:\Users\MASTER\AppData\Local\TempoI2424.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOik292.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOM3824.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOQ3680.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempoq4072.html moved successfully.
C:\Users\MASTER\AppData\Local\TempOS2936.html moved successfully.
C:\Users\MASTER\AppData\Local\TempoY3788.html moved successfully.
C:\Users\MASTER\AppData\Local\TempPc2936.html moved successfully.
C:\Users\MASTER\AppData\Local\TemppdD332.html moved successfully.
C:\Users\MASTER\AppData\Local\TemppO3800.html moved successfully.
C:\Users\MASTER\AppData\Local\TempPp1284.html moved successfully.
C:\Users\MASTER\AppData\Local\Temppq2040.html moved successfully.
C:\Users\MASTER\AppData\Local\Temppt1748.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempqa3880.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempqb3948.html moved successfully.
C:\Users\MASTER\AppData\Local\TempQd1584.html moved successfully.
C:\Users\MASTER\AppData\Local\TempqH1344.html moved successfully.
C:\Users\MASTER\AppData\Local\TempqO3800.html moved successfully.
C:\Users\MASTER\AppData\Local\TempQo4060.html moved successfully.
C:\Users\MASTER\AppData\Local\TempqQ4060.html moved successfully.
C:\Users\MASTER\AppData\Local\TempQT3564.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempqu2812.html moved successfully.
C:\Users\MASTER\AppData\Local\TempQx3960.html moved successfully.
C:\Users\MASTER\AppData\Local\TemprD3248.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempre1344.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempre3928.html moved successfully.
C:\Users\MASTER\AppData\Local\Temprk3356.html moved successfully.
C:\Users\MASTER\AppData\Local\TemprLO328.html moved successfully.
C:\Users\MASTER\AppData\Local\TempRW4060.html moved successfully.
C:\Users\MASTER\AppData\Local\Temprx3880.html moved successfully.
C:\Users\MASTER\AppData\Local\TempSA3132.html moved successfully.
C:\Users\MASTER\AppData\Local\TempSH2388.html moved successfully.
C:\Users\MASTER\AppData\Local\TempsK4092.html moved successfully.
C:\Users\MASTER\AppData\Local\TempsT3384.html moved successfully.
C:\Users\MASTER\AppData\Local\TempSV3904.html moved successfully.
C:\Users\MASTER\AppData\Local\TempsW4004.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTJ3948.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTq2812.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTS3716.html moved successfully.
C:\Users\MASTER\AppData\Local\Temptt3844.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTT4092.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTv1232.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTV2756.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTV3852.html moved successfully.
C:\Users\MASTER\AppData\Local\TempTW3716.html moved successfully.
C:\Users\MASTER\AppData\Local\TemptwU328.html moved successfully.
C:\Users\MASTER\AppData\Local\Temptx2712.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempty1860.html moved successfully.
C:\Users\MASTER\AppData\Local\TempUH3632.html moved successfully.
C:\Users\MASTER\AppData\Local\TempuJ2688.html moved successfully.
C:\Users\MASTER\AppData\Local\TempUn3248.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempup2100.html moved successfully.
C:\Users\MASTER\AppData\Local\TempUpv432.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempur1708.html moved successfully.
C:\Users\MASTER\AppData\Local\TempUS3088.html moved successfully.
C:\Users\MASTER\AppData\Local\TempuU1308.html moved successfully.
C:\Users\MASTER\AppData\Local\TempUx1292.html moved successfully.
C:\Users\MASTER\AppData\Local\TempUY1848.html moved successfully.
C:\Users\MASTER\AppData\Local\TempVj1884.html moved successfully.
C:\Users\MASTER\AppData\Local\TempvU3248.html moved successfully.
C:\Users\MASTER\AppData\Local\TempVv3088.html moved successfully.
C:\Users\MASTER\AppData\Local\TempVv3448.html moved successfully.
C:\Users\MASTER\AppData\Local\TempWB3796.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempwf4072.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempwh3852.html moved successfully.
C:\Users\MASTER\AppData\Local\TempwI2812.html moved successfully.
C:\Users\MASTER\AppData\Local\TempwJ3424.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempwn3372.html moved successfully.
C:\Users\MASTER\AppData\Local\TempWQ3468.html moved successfully.
C:\Users\MASTER\AppData\Local\TempWR3176.html moved successfully.
C:\Users\MASTER\AppData\Local\TempWt2424.html moved successfully.
C:\Users\MASTER\AppData\Local\TempwV1000.html moved successfully.
C:\Users\MASTER\AppData\Local\TempWX2572.html moved successfully.
C:\Users\MASTER\AppData\Local\TempXc3564.html moved successfully.
C:\Users\MASTER\AppData\Local\TempXj2040.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempxo3248.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempxr2300.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempxr2976.html moved successfully.
C:\Users\MASTER\AppData\Local\TempxsL164.html moved successfully.
C:\Users\MASTER\AppData\Local\TempxU3736.html moved successfully.
C:\Users\MASTER\AppData\Local\TempXu3928.html moved successfully.
C:\Users\MASTER\AppData\Local\TempxW3448.html moved successfully.
C:\Users\MASTER\AppData\Local\TempXY1268.html moved successfully.
C:\Users\MASTER\AppData\Local\TempYf3096.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempyh3896.html moved successfully.
C:\Users\MASTER\AppData\Local\TempyH3944.html moved successfully.
C:\Users\MASTER\AppData\Local\TempYH4064.html moved successfully.
C:\Users\MASTER\AppData\Local\TempYi3904.html moved successfully.
C:\Users\MASTER\AppData\Local\TempYJ3904.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempyt2856.html moved successfully.
C:\Users\MASTER\AppData\Local\TempYx2100.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempza2848.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempzc2572.html moved successfully.
C:\Users\MASTER\AppData\Local\TempZD2712.html moved successfully.
C:\Users\MASTER\AppData\Local\TempZh1292.html moved successfully.
C:\Users\MASTER\AppData\Local\TempzH3468.html moved successfully.
C:\Users\MASTER\AppData\Local\TempZJ3416.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempzj3684.html moved successfully.
C:\Users\MASTER\AppData\Local\TempzL2004.html moved successfully.
C:\Users\MASTER\AppData\Local\TempzM3964.html moved successfully.
C:\Users\MASTER\AppData\Local\TempZn3372.html moved successfully.
C:\Users\MASTER\AppData\Local\TempZo3940.html moved successfully.
C:\Users\MASTER\AppData\Local\Tempzv1804.html moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: MASTER
->Temp folder emptied: 1328122167 bytes
->Temporary Internet Files folder emptied: 41813342 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 124756661 bytes
->Google Chrome cache emptied: 28140495 bytes
->Flash cache emptied: 80830 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49900277 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\ Windows\Temporary Internet Files folder emptied: 67898 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 500,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 03132011_154124

Files\Folders moved on Reboot...
C:\Users\MASTER\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

A tu są te raporty z OTL zrobione przed chwilą

OTL logfile created on: 2011-03-13 15:53:56 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\0 instalki\poszukiwanie wirusow na kompie
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 144,68 Gb Free Space | 83,78% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 207,25 Gb Free Space | 70,74% Space Free | Partition Type: NTFS
Drive E: | 277,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MASTER-KOMPUTER | User Name: MASTER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-03-12 22:00:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\0 instalki\poszukiwanie wirusow na kompie\OTL.com
PRC - [2011-03-06 14:32:44 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-02-20 20:33:06 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010-07-31 12:07:13 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-04-07 20:08:52 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010-04-01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009-08-04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009-08-04 16:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2007-09-02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
PRC - [2006-09-15 12:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe

========== Modules (SafeList) ==========

MOD - [2011-03-12 22:00:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\0 instalki\poszukiwanie wirusow na kompie\OTL.com
MOD - [2010-08-21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\ comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-05-05 03:15:10 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010-04-07 20:13:22 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010-04-07 20:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-02-20 20:33:06 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010-07-31 12:07:13 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-08-04 16:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-12-17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007-01-11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010-07-30 18:48:00 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010-05-05 03:47:08 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010-05-05 02:23:24 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010-04-07 20:10:22 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010-04-07 20:08:38 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010-04-07 20:05:24 | 000,164,912 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010-03-09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010-01-27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009-07-30 12:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009-07-17 19:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007-04-09 10:37:18 | 012,342,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2007-04-09 10:38:06 | 012,039,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\S-1-5-21-629509063-1113571351-4188246156-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-629509063-1113571351-4188246156-1000\Software\Microsoft\Windows\ CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.o2.pl/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-03-06 14:32:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-06 14:32:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-07-29 23:30:22 | 000,000,000 | ---D | M]

[2010-07-30 17:49:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Extensions
[2011-03-12 17:18:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. default\extensions
[2010-11-29 15:36:29 | 000,000,000 | ---D | M] (InnoGames Polska Community Toolbar) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. default\extensions\{14f6a182-4c6f-45ae-9f5a-aa3ccbb1cfa3}
[2010-11-29 15:36:30 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. default\extensions\engine@conduit.com
[2011-01-16 17:54:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-03-06 14:32:46 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011-03-06 14:32:46 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-03-06 14:32:46 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-03-06 14:32:46 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-03-06 14:32:46 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-03-06 14:32:46 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EPSON Stylus SX200 Series] File not found
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EPSON Stylus SX200 Series (Kopia 1)] File not found
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-04-18 18:37:34 | 000,000,029 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{67395d80-9bfd-11df-af46-6cf049942394}\Shell - "" = AutoRun
O33 - MountPoints2\{67395d80-9bfd-11df-af46-6cf049942394}\Shell\AutoRun\command - "" = I:\Setup\rsrc\autorun.exe
O33 - MountPoints2\{67395d80-9bfd-11df-af46-6cf049942394}\Shell\dinstall\command - "" = I:\Directx\dxsetup.exe
O33 - MountPoints2\{a70c7f8e-9b60-11df-9008-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a70c7f8e-9b60-11df-9008-806e6f6e6963}\Shell\AutoRun\command - "" = E:\EPSetup.exe -- [2008-01-28 05:43:00 | 000,636,848 | R--- | M] (SEIKO EPSON CORPORATION)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-03-13 15:41:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-03-11 20:50:28 | 000,000,000 | ---D | C] -- C:\Users\MASTER\Desktop\ss
[2011-03-09 19:29:11 | 000,000,000 | ---D | C] -- C:\Users\MASTER\Desktop\crow
[2011-03-09 16:18:05 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011-03-09 16:18:05 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011-03-09 16:18:04 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011-03-09 16:18:04 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011-03-09 16:18:03 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011-03-09 16:18:03 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011-03-09 16:18:03 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011-03-09 16:18:03 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011-03-09 16:18:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011-03-09 16:18:03 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011-03-09 16:18:02 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011-03-09 16:18:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011-03-09 16:18:01 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011-03-09 16:18:01 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011-03-09 16:18:00 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011-03-09 16:18:00 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011-03-05 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\VDownloader
[2011-03-05 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Local\VDownloader
[2011-03-05 19:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011-03-05 19:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
[2011-03-05 19:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VDownloader
[2011-03-05 19:30:07 | 000,000,000 | ---D | C] -- C:\Downloads
[2011-03-05 19:30:06 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\ProgSense
[2011-03-05 19:29:52 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\Orbit
[2011-02-27 13:23:32 | 000,000,000 | ---D | C] -- C:\Users\MASTER\AppData\Roaming\EPSON
[2011-02-27 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2011-02-27 12:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite
[2011-02-27 12:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2011-02-27 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
[2011-02-27 12:54:12 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK2.dll
[2011-02-27 12:54:12 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicPrt.dll
[2011-02-27 12:54:12 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICEntry.dll
[2011-02-27 12:54:12 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK.dll
[2011-02-27 12:54:12 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EPPicMgr.dll
[2011-02-27 12:53:47 | 000,083,968 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcwiad.dll
[2011-02-23 20:50:05 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011-02-23 20:50:05 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011-02-23 20:50:05 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011-02-23 20:50:04 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011-02-19 22:58:30 | 000,000,000 | ---D | C] -- C:\Users\MASTER\Desktop\taekwondo
[2010-10-15 19:09:00 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll

========== Files - Modified Within 30 Days ==========

[2011-03-13 15:49:16 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-03-13 15:49:16 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-03-13 15:49:16 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-03-13 15:49:16 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-03-13 15:49:16 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-03-13 15:43:35 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-03-13 15:43:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-03-13 15:43:25 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2011-03-13 15:15:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-03-13 13:21:26 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115- 601632D005A0
[2011-03-13 13:21:26 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115- 601632D005A0
[2011-03-12 20:29:49 | 000,021,517 | ---- | M] () -- C:\Users\MASTER\Desktop\wirus.png
[2011-03-12 10:15:34 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011-03-09 19:31:24 | 000,007,168 | -H-- | M] () -- C:\Users\MASTER\Desktop\photothumb.db
[2011-03-05 19:37:38 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\VDownloader.lnk
[2011-02-27 13:01:06 | 000,002,288 | ---- | M] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk
[2011-02-27 12:54:06 | 000,002,235 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manual.lnk
[2011-02-27 12:53:47 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011-02-26 02:19:32 | 000,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2011-02-26 02:19:32 | 000,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2011-02-22 20:25:10 | 000,002,098 | ---- | M] () -- C:\Users\MASTER\.recently-used.xbel
[2011-02-20 20:33:06 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-02-20 20:33:06 | 000,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-02-19 07:37:10 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011-02-19 07:36:49 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011-02-19 06:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011-02-19 06:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll

========== Files Created - No Company Name ==========

[2011-03-12 20:29:48 | 000,021,517 | ---- | C] () -- C:\Users\MASTER\Desktop\wirus.png
[2011-03-05 19:37:38 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011-03-05 19:37:38 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\VDownloader.lnk
[2011-02-27 13:01:06 | 000,002,288 | ---- | C] () -- C:\Users\Public\Desktop\EPSON File Manager.lnk
[2011-02-27 12:54:12 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011-02-27 12:54:12 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011-02-27 12:54:12 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011-02-27 12:54:12 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011-02-27 12:54:12 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011-02-27 12:54:12 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011-02-27 12:54:12 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011-02-27 12:54:12 | 000,013,732 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2011-02-27 12:54:12 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011-02-27 12:54:12 | 000,006,442 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_IT.cfg
[2011-02-27 12:54:12 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2011-02-27 12:54:12 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2011-02-27 12:54:12 | 000,006,335 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_GE.cfg
[2011-02-27 12:54:12 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2011-02-27 12:54:12 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2011-02-27 12:54:12 | 000,006,122 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_DU.cfg
[2011-02-27 12:54:12 | 000,006,103 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2011-02-27 12:54:12 | 000,005,817 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_KO.cfg
[2011-02-27 12:54:12 | 000,005,436 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_SC.cfg
[2011-02-27 12:54:12 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011-02-27 12:54:12 | 000,002,889 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_RU.cfg
[2011-02-27 12:54:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_TC.cfg
[2011-02-27 12:54:12 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011-02-27 12:54:12 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011-02-27 12:54:12 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011-02-27 12:54:12 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011-02-27 12:54:12 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011-02-27 12:54:12 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011-02-27 12:54:12 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011-02-27 12:54:12 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011-02-27 12:54:12 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011-02-27 12:54:12 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011-02-27 12:54:06 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Manual.lnk
[2011-02-27 12:53:47 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011-02-26 02:19:32 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011-02-26 02:19:32 | 000,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2011-02-22 20:25:10 | 000,002,098 | ---- | C] () -- C:\Users\MASTER\.recently-used.xbel
[2011-02-09 13:40:28 | 000,000,266 | ---- | C] () -- C:\Windows\game.ini
[2011-01-23 20:53:06 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX200DEFGIPS.ini
[2010-10-15 19:09:07 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2010-10-15 19:09:02 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys
[2010-10-15 19:09:01 | 012,039,552 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys
[2010-09-06 19:19:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-08-11 19:26:40 | 000,005,120 | ---- | C] () -- C:\Users\MASTER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-31 12:07:13 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010-07-31 11:31:23 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-07-31 11:31:22 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-07-31 11:31:21 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010-07-30 18:45:53 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-07-30 18:45:52 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-07-30 18:45:45 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-07-30 18:45:45 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-07-30 18:45:37 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-07-30 17:55:38 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-07-29 23:37:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010-07-29 23:35:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010-04-28 22:17:50 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009-08-27 08:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== LOP Check ==========

[2010-07-30 18:44:36 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Ashampoo
[2010-08-10 20:20:10 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Ashampoo Photo Commander 7
[2010-07-31 11:21:39 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\DAEMON Tools Lite
[2011-02-27 13:23:32 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\EPSON
[2010-07-30 18:48:23 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Foxit
[2010-08-28 21:30:21 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Gadu-Gadu 10
[2011-02-22 20:21:27 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\gtk-2.0
[2010-09-19 08:05:51 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\OpenFM
[2011-03-05 19:31:41 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\Orbit
[2010-09-11 09:11:02 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\PhotoScape
[2011-03-05 19:30:06 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\ProgSense
[2011-03-05 20:04:02 | 000,000,000 | ---D | M] -- C:\Users\MASTER\AppData\Roaming\VDownloader
[2011-02-15 16:05:54 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Extras:

OTL Extras logfile created on: 2011-03-13 15:53:56 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\0 instalki\poszukiwanie wirusow na kompie
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172,69 Gb Total Space | 144,68 Gb Free Space | 83,78% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 207,25 Gb Free Space | 70,74% Space Free | Partition Type: NTFS
Drive E: | 277,63 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MASTER-KOMPUTER | User Name: MASTER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-629509063-1113571351-4188246156-1000\SOFTWARE\Classes\<extension> ]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{109E296E-EC1F-4AE3-98F6-037626BBFE82}" = ESET NOD32 Antivirus
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{825C7AAC-C5D5-B89B-EBA1-D4DFC5E46D6C}" = AMD Drag and Drop Transcoding
"{9221C55E-0D1E-BA0E-5219-0564AF763AE7}" = ATI Catalyst Install Manager
"{E1D6317F-4893-6517-838B-ECC5489D1711}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Defraggler" = Defraggler
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02993992-FF7E-03C0-3BF7-E892F2CD2B8F}" = Catalyst Control Center HydraVision Full
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{218E787C-BADD-2284-AF4E-A1FA0D56772C}" = Catalyst Control Center Graphics Full Existing
"{21F791BA-E80A-0EEF-9B63-105EB939A5B2}" = CCC Help English
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB6729C-A255-4BC6-90B3-B29F9924C6F5}" = Activision®
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{44B49543-F839-46ED-61B9-3C91D71C7355}" = Catalyst Control Center Graphics Full New
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{58401B8E-0889-63C2-1E06-7C6530426411}" = Catalyst Control Center Graphics Previews Vista
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Trust Webcam 15007
"{7775B0BF-EC23-00B3-2E0F-D3FE89939C06}" = Catalyst Control Center Core Implementation
"{7AAAB55F-BB15-CEF4-9174-4AF79272D9EE}" = Catalyst Control Center Graphics Light
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty® 2 Patch 1.3
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Kariera
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.752
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Wymarzone Podróże
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{CE6B96AF-83ED-9054-0B21-A68AF2EAF106}" = Catalyst Control Center InstallProxy
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D903102F-8294-97B5-3416-67DA5A71C87F}" = Catalyst Control Center Graphics Previews Common
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{DFDB7828-15CF-4507-4998-D0B17A356705}" = ccc-core-static
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E935DF41-EB7A-4519-93E8-C5822EB5B6D6}" = Alicja w Krainie Czarów
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Szybka jazda Akcesoria
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.10
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200_SX400_TX200_TX400 User’s Guide" = EPSON Stylus SX200_SX400_TX200_TX400 Manual
"Foxit Reader" = Foxit Reader
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{2EB6729C-A255-4BC6-90B3-B29F9924C6F5}" = SHReK TRZeCI™
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.2.0
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"VLC media player" = VLC media player 1.1.1
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinPcapInst" = WinPcap 4.1.1
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-629509063-1113571351-4188246156-1000\SOFTWARE\Microsoft\Windows\ CurrentVersion\Uninstall]
"Winamp Detect" = Detektor Winampa

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

I ten raport z Kaspersky:

2011/03/13 16:12:10.0649 2656 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/13 16:12:10.0938 2656 ================================================================================
2011/03/13 16:12:10.0938 2656 SystemInfo:
2011/03/13 16:12:10.0938 2656
2011/03/13 16:12:10.0938 2656 OS Version: 6.1.7600 ServicePack: 0.0
2011/03/13 16:12:10.0938 2656 Product type: Workstation
2011/03/13 16:12:10.0938 2656 ComputerName: MASTER-KOMPUTER
2011/03/13 16:12:10.0939 2656 UserName: MASTER
2011/03/13 16:12:10.0939 2656 Windows directory: C:\Windows
2011/03/13 16:12:10.0939 2656 System windows directory: C:\Windows
2011/03/13 16:12:10.0939 2656 Running under WOW64
2011/03/13 16:12:10.0939 2656 Processor architecture: Intel x64
2011/03/13 16:12:10.0939 2656 Number of processors: 2
2011/03/13 16:12:10.0939 2656 Page size: 0x1000
2011/03/13 16:12:10.0939 2656 Boot type: Normal boot
2011/03/13 16:12:10.0939 2656 ================================================================================
2011/03/13 16:12:12.0627 2656 Initialize success
2011/03/13 16:12:21.0890 2384 ================================================================================
2011/03/13 16:12:21.0890 2384 Scan started
2011/03/13 16:12:21.0890 2384 Mode: Manual;
2011/03/13 16:12:21.0890 2384 ================================================================================
2011/03/13 16:12:22.0446 2384 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/03/13 16:12:22.0500 2384 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/03/13 16:12:22.0525 2384 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/03/13 16:12:22.0557 2384 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/03/13 16:12:22.0595 2384 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/03/13 16:12:22.0621 2384 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/03/13 16:12:22.0678 2384 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/03/13 16:12:22.0708 2384 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/03/13 16:12:22.0736 2384 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/03/13 16:12:22.0771 2384 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/03/13 16:12:22.0794 2384 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/03/13 16:12:22.0958 2384 amdkmdag (c6c0f73a038ff38ebbd9c16f79f8d3e3) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/03/13 16:12:23.0117 2384 amdkmdap (4647d713cff04fae4f862b3144725bc1) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/03/13 16:12:23.0141 2384 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/03/13 16:12:23.0170 2384 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2011/03/13 16:12:23.0196 2384 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/03/13 16:12:23.0219 2384 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2011/03/13 16:12:23.0252 2384 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/03/13 16:12:23.0288 2384 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/03/13 16:12:23.0307 2384 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/03/13 16:12:23.0332 2384 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/13 16:12:23.0355 2384 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/03/13 16:12:23.0408 2384 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys
2011/03/13 16:12:23.0459 2384 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/03/13 16:12:23.0501 2384 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/03/13 16:12:23.0539 2384 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/03/13 16:12:23.0587 2384 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/03/13 16:12:23.0606 2384 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/13 16:12:23.0620 2384 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/03/13 16:12:23.0646 2384 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/03/13 16:12:23.0678 2384 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/03/13 16:12:23.0693 2384 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/03/13 16:12:23.0709 2384 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/03/13 16:12:23.0725 2384 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/03/13 16:12:23.0741 2384 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/13 16:12:23.0776 2384 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/13 16:12:23.0798 2384 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/13 16:12:23.0818 2384 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/03/13 16:12:23.0854 2384 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/03/13 16:12:23.0915 2384 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/13 16:12:23.0939 2384 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/03/13 16:12:23.0965 2384 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/03/13 16:12:23.0990 2384 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/13 16:12:24.0012 2384 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/03/13 16:12:24.0043 2384 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/03/13 16:12:24.0084 2384 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2011/03/13 16:12:24.0149 2384 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/03/13 16:12:24.0170 2384 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/03/13 16:12:24.0204 2384 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/03/13 16:12:24.0248 2384 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/03/13 16:12:24.0300 2384 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/13 16:12:24.0346 2384 eamonm (3350047362c39b060dc1d94079be72b5) C:\Windows\system32\DRIVERS\eamonm.sys
2011/03/13 16:12:24.0443 2384 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/03/13 16:12:24.0540 2384 ehdrv (f3697a759f8381031dd328acc29ce26e) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/03/13 16:12:24.0593 2384 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/03/13 16:12:24.0617 2384 epfwwfpr (2e90be3f908f75d2196d2375aa38035d) C:\Windows\system32\DRIVERS\epfwwfpr.sys
2011/03/13 16:12:24.0668 2384 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/03/13 16:12:24.0695 2384 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/03/13 16:12:24.0720 2384 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/03/13 16:12:24.0745 2384 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/13 16:12:24.0773 2384 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/03/13 16:12:24.0794 2384 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/03/13 16:12:24.0816 2384 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/13 16:12:24.0838 2384 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/03/13 16:12:24.0872 2384 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/03/13 16:12:24.0894 2384 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/13 16:12:24.0938 2384 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/03/13 16:12:24.0958 2384 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/03/13 16:12:25.0009 2384 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/03/13 16:12:25.0049 2384 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/03/13 16:12:25.0074 2384 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/13 16:12:25.0087 2384 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/03/13 16:12:25.0103 2384 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/03/13 16:12:25.0125 2384 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/03/13 16:12:25.0168 2384 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/13 16:12:25.0204 2384 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/03/13 16:12:25.0236 2384 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/03/13 16:12:25.0268 2384 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/03/13 16:12:25.0291 2384 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/13 16:12:25.0318 2384 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/03/13 16:12:25.0350 2384 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/03/13 16:12:25.0429 2384 IntcAzAudAddService (f04d22d7a49a1b2210dbadf0b803e870) C:\Windows\system32\drivers\RTKVHD64.sys
2011/03/13 16:12:25.0499 2384 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/03/13 16:12:25.0526 2384 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/13 16:12:25.0548 2384 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/13 16:12:25.0570 2384 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/03/13 16:12:25.0597 2384 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/03/13 16:12:25.0629 2384 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/03/13 16:12:25.0642 2384 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/03/13 16:12:25.0669 2384 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/13 16:12:25.0688 2384 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/13 16:12:25.0817 2384 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/13 16:12:25.0858 2384 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/13 16:12:25.0887 2384 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/03/13 16:12:25.0906 2384 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/03/13 16:12:25.0949 2384 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/13 16:12:25.0979 2384 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/03/13 16:12:25.0995 2384 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/03/13 16:12:26.0017 2384 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/03/13 16:12:26.0033 2384 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/03/13 16:12:26.0057 2384 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/03/13 16:12:26.0080 2384 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/03/13 16:12:26.0101 2384 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/03/13 16:12:26.0125 2384 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/03/13 16:12:26.0150 2384 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/13 16:12:26.0169 2384 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/13 16:12:26.0190 2384 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/13 16:12:26.0210 2384 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/03/13 16:12:26.0225 2384 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/03/13 16:12:26.0246 2384 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/13 16:12:26.0277 2384 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/13 16:12:26.0308 2384 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/13 16:12:26.0332 2384 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/13 16:12:26.0369 2384 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/13 16:12:26.0392 2384 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/03/13 16:12:26.0418 2384 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/03/13 16:12:26.0461 2384 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/03/13 16:12:26.0488 2384 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/03/13 16:12:26.0510 2384 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/03/13 16:12:26.0540 2384 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/13 16:12:26.0562 2384 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/13 16:12:26.0581 2384 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/03/13 16:12:26.0603 2384 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/03/13 16:12:26.0623 2384 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/13 16:12:26.0645 2384 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/03/13 16:12:26.0668 2384 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/03/13 16:12:26.0692 2384 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/03/13 16:12:26.0722 2384 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/13 16:12:26.0764 2384 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/03/13 16:12:26.0797 2384 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/03/13 16:12:26.0824 2384 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/13 16:12:26.0838 2384 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/13 16:12:26.0862 2384 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/13 16:12:26.0887 2384 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/03/13 16:12:26.0911 2384 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/13 16:12:26.0937 2384 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/13 16:12:26.0981 2384 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/03/13 16:12:27.0032 2384 npf (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
2011/03/13 16:12:27.0052 2384 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/03/13 16:12:27.0076 2384 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/13 16:12:27.0123 2384 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2011/03/13 16:12:27.0179 2384 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/03/13 16:12:27.0206 2384 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/03/13 16:12:27.0231 2384 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2011/03/13 16:12:27.0262 2384 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/03/13 16:12:27.0287 2384 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/13 16:12:27.0318 2384 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/03/13 16:12:27.0346 2384 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/03/13 16:12:27.0369 2384 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/03/13 16:12:27.0387 2384 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/03/13 16:12:27.0406 2384 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/13 16:12:27.0426 2384 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/03/13 16:12:27.0453 2384 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/03/13 16:12:27.0573 2384 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/13 16:12:27.0600 2384 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/03/13 16:12:27.0638 2384 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/13 16:12:27.0687 2384 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/03/13 16:12:27.0725 2384 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/03/13 16:12:27.0749 2384 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/13 16:12:27.0772 2384 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/13 16:12:27.0796 2384 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/03/13 16:12:27.0825 2384 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/13 16:12:27.0847 2384 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/13 16:12:27.0865 2384 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/13 16:12:27.0893 2384 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/13 16:12:27.0917 2384 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/03/13 16:12:27.0938 2384 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/13 16:12:27.0973 2384 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
2011/03/13 16:12:27.0998 2384 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/13 16:12:28.0017 2384 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/03/13 16:12:28.0039 2384 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/03/13 16:12:28.0065 2384 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/03/13 16:12:28.0113 2384 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/13 16:12:28.0160 2384 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys
2011/03/13 16:12:28.0193 2384 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/03/13 16:12:28.0212 2384 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/03/13 16:12:28.0236 2384 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/03/13 16:12:28.0266 2384 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/03/13 16:12:28.0299 2384 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/03/13 16:12:28.0328 2384 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/13 16:12:28.0345 2384 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/03/13 16:12:28.0363 2384 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/03/13 16:12:28.0400 2384 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/03/13 16:12:28.0429 2384 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/03/13 16:12:28.0454 2384 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/03/13 16:12:28.0475 2384 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/13 16:12:28.0509 2384 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/03/13 16:12:28.0531 2384 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/03/13 16:12:28.0560 2384 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/03/13 16:12:28.0835 2384 SNP2STD (eac2d7a0cd9a3b3a2b0e77dd8c7e038e) C:\Windows\system32\DRIVERS\snp2sxp.sys
2011/03/13 16:12:29.0064 2384 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/03/13 16:12:29.0119 2384 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/03/13 16:12:29.0120 2384 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/03/13 16:12:29.0125 2384 sptd - detected Locked file (1)
2011/03/13 16:12:29.0163 2384 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2011/03/13 16:12:29.0204 2384 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/13 16:12:29.0245 2384 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/13 16:12:29.0279 2384 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/03/13 16:12:29.0316 2384 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/03/13 16:12:29.0339 2384 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
2011/03/13 16:12:29.0358 2384 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/13 16:12:29.0436 2384 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/03/13 16:12:29.0515 2384 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/13 16:12:29.0547 2384 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/13 16:12:29.0572 2384 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/03/13 16:12:29.0585 2384 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/03/13 16:12:29.0611 2384 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/13 16:12:29.0635 2384 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/13 16:12:29.0684 2384 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/13 16:12:29.0721 2384 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/13 16:12:29.0745 2384 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/03/13 16:12:29.0768 2384 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/13 16:12:29.0807 2384 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/03/13 16:12:29.0829 2384 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/13 16:12:29.0853 2384 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/03/13 16:12:29.0881 2384 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/13 16:12:29.0901 2384 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/03/13 16:12:29.0915 2384 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/13 16:12:29.0940 2384 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/13 16:12:29.0956 2384 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/03/13 16:12:29.0990 2384 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/13 16:12:30.0023 2384 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/13 16:12:30.0047 2384 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/13 16:12:30.0070 2384 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/13 16:12:30.0103 2384 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/03/13 16:12:30.0130 2384 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/13 16:12:30.0150 2384 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/03/13 16:12:30.0166 2384 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/03/13 16:12:30.0187 2384 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/03/13 16:12:30.0223 2384 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2011/03/13 16:12:30.0237 2384 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/03/13 16:12:30.0260 2384 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/03/13 16:12:30.0284 2384 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/03/13 16:12:30.0307 2384 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/03/13 16:12:30.0329 2384 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/03/13 16:12:30.0351 2384 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/03/13 16:12:30.0373 2384 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/03/13 16:12:30.0400 2384 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/13 16:12:30.0415 2384 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/13 16:12:30.0456 2384 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/03/13 16:12:30.0488 2384 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/13 16:12:30.0556 2384 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/03/13 16:12:30.0575 2384 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/03/13 16:12:30.0631 2384 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/13 16:12:30.0668 2384 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/13 16:12:30.0704 2384 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/03/13 16:12:30.0730 2384 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/13 16:12:30.0777 2384 ================================================================================
2011/03/13 16:12:30.0777 2384 Scan finished
2011/03/13 16:12:30.0777 2384 ================================================================================
2011/03/13 16:12:30.0788 1584 Detected object count: 1
2011/03/13 16:14:21.0798 1584 Locked file(sptd) - User select action: Skip

#8 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 13 marzec 2011, 18:56

W OTL wklej:

:OTL
[2010-11-29 15:36:30 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis.
 default\extensions\engine@conduit.com
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EPSON Stylus SX200 Series] File not found
O4 - HKU\S-1-5-21-629509063-1113571351-4188246156-1000..\Run: [EPSON Stylus SX200 Series (Kopia 1)] File not found

Klikasz Wykonaj skrypt, później Sprzątanie

Przeczyść dysk oraz rejestr CCleaner

Wykonaj pełne skanowanie Malwarebytes' Anti-Malware - jeśli coś znajdzie usuń i daj raport

#9 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 13 marzec 2011, 19:40

Raport sprzed sprzątania:

========== OTL ==========
Folder C:\Users\MASTER\AppData\Roaming\mozilla\Firefox\Profiles\n67rdjis. \ not found.
Registry value HKEY_USERS\S-1-5-21-629509063-1113571351-4188246156-1000\Software\Microsoft\Windows\ CurrentVersion\Run\\EPSON Stylus SX200 Series deleted successfully.
Registry value HKEY_USERS\S-1-5-21-629509063-1113571351-4188246156-1000\Software\Microsoft\Windows\ CurrentVersion\Run\\EPSON Stylus SX200 Series (Kopia 1) deleted successfully.

OTL by OldTimer - Version 3.2.22.3 log created on 03132011_191452

#10 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 13 marzec 2011, 20:14

Ok, wykonaj pozostałe kroki.

#11 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 13 marzec 2011, 21:19

Ccleaner zrobił co trzeba (tak myślę ;p) ale nie ma żadnych raportów.

Pełen skan:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Wersja bazy: 6044

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2011-03-13 20:37:35
mbam-log-2011-03-13 (20-37-35).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowano obiektów: 262744
Upłynęło: 21 minut(y), 7 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 0
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
(Nie znaleziono zagrożeń)

Zainfekowanych plików:
(Nie znaleziono zagrożeń)

Przed chwilką znów mi wyskoczyło to okienko o którym pisałam na początku :/
I tak po kilka kilkanaście w ciągu dni, a ten powyższy skan nic chyba nie wykrył. To dobrze czy nie?

#12 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 13 marzec 2011, 21:43

Nie dzieje się to czasem podczas korzystania z facebooka???

#13 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 13 marzec 2011, 22:33

Yyy.. raczej tak.

#14 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 14 marzec 2011, 14:56

To w takim razie fałszywy alarm, jakaś reklama prawdopodobnie, na którą NOD jest przewrażliwiony.

#15 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 14 marzec 2011, 16:15

To w takim razie to nie jest groźne i mam się tym nie przejmować?

#16 mati8898

Początkujący Uczestnik

Grupa: Czytelnicy
Postów 262
Rejestracja: 07-czerwiec 09

Napisano 14 marzec 2011, 16:23

Nie przejmuj się tym.

#17 malenka

Nowy Uczestnik

Grupa: Czytelnicy
Postów 9
Rejestracja: 12-marzec 11

Napisano 14 marzec 2011, 18:49

Dziękuję Ci bardzo za pomoc i cierpliwość ;p
Pozdrawiam serdecznie...

Strona 1 z 1

Nie możesz napisać tematu
Dodaj odpowiedź

Szybka odpowiedź

Użytkownicy przeglądający ten temat: 1
0 użytkowników, 1 gości, 0 anonimowych

Zmień widoczność shoutboxa Shoutbox

emikyou :	(16 kwiecień 2012 - 13:26) @Ferrari: Na PŁ korzystają z "OpenGL SuperBible: Comprehensive Tutorial and Reference" i "OpenGL Programming Guide: The Official Guide to Learning OpenGL, Versions 3.0 and 3.1"
wtomczak :	(10 kwiecień 2012 - 09:27) masz problem z komputerem napisz na facebooku na stronie WT654, na pewno pomoże
Maciej :) :	(08 kwiecień 2012 - 09:36) A co do reklam, to mi na operze adBlock coś nie służy, szczególnie z postami bota redakcji od kiedy go dali, to zaczęło się walić..
Maciej :) :	(08 kwiecień 2012 - 09:35) Hej witam no, jak przestałem kupować Eksperta to wzięli i wstrzymali ;\| także nie mam tylko numeru pierwszego i ostatniego :p trochę szkoda, parę lat się było...
neo5628 :	(05 kwiecień 2012 - 21:57) Help http://forum.ks-ekspert.pl/topic/140746-problem-z-dzwiekiem/ Proszę
PiKey :	(21 marzec 2012 - 18:24) ludzie, pomóżcie http://forum.ks-ekspert.pl/topic/140418-jak-dziala-sprawdzanie-wykonania-zadania-na-stronach-typu-doladujse/
PiKey :	(21 marzec 2012 - 18:24) ds
A:-)Brunuś :	(17 marzec 2012 - 19:17) jest tu ktoś? http://forum.ks-ekspert.pl/topic/140400-firewire-obudowa-do-dysku-25-—-200-zlo/
Ferrari :	(16 marzec 2012 - 11:12) Polećcie dobrą książkę do OpenGL albo kurs w sieci
lisz55 :	(15 marzec 2012 - 21:44) przez ktore reklamy? nie widze zeby jakies nowe byly
Pretender :	(15 marzec 2012 - 18:22) :/
Pretender :	(15 marzec 2012 - 18:22) az sie nie chce czytac tego forum przez te parszywe reklamy...ale dzidostwo zrobili...
yojo2 :	(12 marzec 2012 - 13:26) wchodz na forum przez lynxa :P
Ferrari :	(10 marzec 2012 - 21:21) Jak tu nie korzystać z AdBlocka, kiedy Forum Eksperta wywala reklamę na całą stronę?
lisz55 :	(09 marzec 2012 - 21:41) siedze i czytam calkiem niezle ale mogl by ktos wytlumaczyc o co chodzi z dark knightem nie widzialem tego filmu
lisz55 :	(09 marzec 2012 - 21:40) to moze rozruszam troche czat http://moviesascode.net/
Pretender :	(06 marzec 2012 - 16:43) rozmowy tak jak Enty prowadziły w powieści Tolkiena :P
dawido90 :	(05 marzec 2012 - 15:03) to już poprostu przyzwyczajenie
yojo2 :	(04 marzec 2012 - 22:25) mailem przestac tu wchodzic, ale stwierdzilem ze skoro i tak zwykle tu tylko wchodze i wychodze, to wszystko jedno :P
Ferrari :	(04 marzec 2012 - 21:16) Już myślałem, że ruch na forum spada zera, a jednak pochodna zmieniła znak

Komputer Świat Ekspert - Forum: Mam jakiegoś wirusa :/ - Komputer Świat Ekspert - Forum

Mam jakiegoś wirusa :/ Jestem totalnym laikiem proszącym o pomoc ;)

#1 malenka

#2 mati8898

#3 malenka

#4 mati8898

#5 malenka

#6 mati8898

#7 malenka

#8 mati8898

#9 malenka

#10 mati8898

#11 malenka

#12 mati8898

#13 malenka

#14 mati8898

#15 malenka

#16 mati8898

#17 malenka

Szybka odpowiedź

Emotikony

Użytkownicy przeglądający ten temat: 1
0 użytkowników, 1 gości, 0 anonimowych

Zmień widoczność shoutboxa Shoutbox

Styl i tłumaczenie

Statystyki realizacji

Komputer Świat Ekspert - Forum: Mam jakiegoś wirusa :/ - Komputer Świat Ekspert - Forum

Mam jakiegoś wirusa :/ Jestem totalnym laikiem proszącym o pomoc ;)

Szybka odpowiedź

Emotikony

Użytkownicy przeglądający ten temat: 1 0 użytkowników, 1 gości, 0 anonimowych

Styl i tłumaczenie

Statystyki realizacji

Użytkownicy przeglądający ten temat: 1
0 użytkowników, 1 gości, 0 anonimowych