[Problem]Mój komputer warjuje!

[WielkiBananPL]

Witam. Ostatnio mój komputer się sypie, ponieważ :

 

- gdy skanuje komputer avastem zacina komputer

- gdy chce coś usunąć za pomocą opcji "usuń lub dodaj programy" zacina komputer

- ścinają mi się bardziej gry niż zwykle..

- przy stracie komputera mam niebieski ekran i odlicza od 10 i sprawdza dyski, dochodzi do 29% i nie idzie dalej..

 

Wiecie, co może być przyczyną tych problemów ? Lub jak je naprawić ?

Pomóżcie ! Nagrodzę osobę, nawet tą która się starała pomóc

[Pingwinek_PL]

Daj loga z programu OTL, a Fresz, ci je później sprawdzi.

[WielkiBananPL]

Ja jestem zielony więc nie wiem czy to o to chodziło :

 

OTL logfile created on: 2013-01-15 20:28:32 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

1,94 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 60,43% Memory free

3,79 Gb Paging File | 3,18 Gb Available in Paging File | 84,10% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 127,99 Gb Total Space | 60,93 Gb Free Space | 47,61% Space Free | Partition Type: NTFS

Drive H: | 337,64 Gb Total Space | 252,25 Gb Free Space | 74,71% Space Free | Partition Type: NTFS

 

Computer Name: KAPI | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2013-01-15 20:28:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2013-01-11 15:05:16 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2012-12-18 16:04:46 | 000,166,600 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe

PRC - [2012-12-18 16:04:40 | 001,383,112 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

PRC - [2012-12-10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2012-11-08 15:55:21 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe

PRC - [2012-11-07 12:33:54 | 000,312,176 | ---- | M] () -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe

PRC - [2012-11-05 11:57:12 | 003,854,696 | ---- | M] () -- C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe

PRC - [2012-11-05 11:57:12 | 003,055,976 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe

PRC - [2012-10-24 12:53:15 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

PRC - [2012-10-15 18:32:43 | 000,096,056 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

PRC - [2012-10-03 14:40:05 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe

PRC - [2012-09-24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe

PRC - [2012-08-21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2012-08-21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2012-02-11 21:52:02 | 000,025,088 | ---- | M] () -- C:\Program Files\SpeedyDrive\mounter.exe

PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2013-01-15 09:43:10 | 002,043,392 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13011500\algo.dll

MOD - [2013-01-11 15:05:14 | 003,021,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2013-01-09 16:05:25 | 014,586,888 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

MOD - [2012-11-10 20:57:08 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll

MOD - [2012-11-08 15:55:21 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe

MOD - [2012-11-07 12:33:54 | 000,312,176 | ---- | M] () -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe

MOD - [2012-11-05 11:57:12 | 003,854,696 | ---- | M] () -- C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe

MOD - [2012-11-05 11:57:12 | 003,055,976 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe

MOD - [2012-10-24 12:53:16 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll

MOD - [2012-10-24 12:53:15 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

MOD - [2012-10-24 12:53:15 | 000,566,728 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll

MOD - [2012-02-11 21:52:02 | 000,025,088 | ---- | M] () -- C:\Program Files\SpeedyDrive\mounter.exe

MOD - [2012-01-16 21:06:32 | 000,577,621 | ---- | M] () -- C:\Program Files\Przyspiesz Komputer\Sqlite3.dll

MOD - [2008-04-14 21:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2006-10-31 07:35:00 | 000,196,608 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll

 

 

========== Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)

SRV - [2013-01-11 15:05:15 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013-01-09 16:05:26 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-12-18 16:04:46 | 000,166,600 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)

SRV - [2012-12-10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012-11-09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-11-07 12:33:54 | 000,312,176 | ---- | M] () [Auto | Running] -- C:\Program Files\Przyspiesz Komputer\PCSUService.exe -- (PCSUService)

SRV - [2012-11-05 11:57:12 | 003,055,976 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\tuto4pc_pl_1\supt4pc_pl_1.exe -- (supt4pc_pl_1)

SRV - [2012-10-24 12:53:15 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)

SRV - [2012-09-24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2012-08-21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012-02-11 21:52:02 | 000,025,088 | ---- | M] () [Auto | Running] -- C:\Program Files\SpeedyDrive\mounter.exe -- (DokanMounter)

SRV - [2011-06-17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\osoftn.sys -- (amsint32)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\osoftn.sys -- (aic32p)

DRV - [2012-10-26 20:03:22 | 000,187,736 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxDrv.sys -- (VBoxDrv)

DRV - [2012-10-26 20:03:06 | 000,104,280 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2012-10-26 20:02:10 | 000,115,544 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)

DRV - [2012-10-26 20:02:10 | 000,094,040 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)

DRV - [2012-10-24 12:53:16 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)

DRV - [2012-09-27 17:32:54 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)

DRV - [2012-08-21 10:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012-08-21 10:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012-08-21 10:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012-08-21 10:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012-08-21 10:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)

DRV - [2012-08-21 10:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2012-08-21 10:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012-02-11 21:52:02 | 000,091,904 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\dokan.sys -- (Dokan)

DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)

DRV - [2008-12-11 10:24:20 | 004,959,232 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2007-06-29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)

DRV - [2006-11-27 15:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2006-11-27 15:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2006-10-18 15:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByEtC0DtCtD0AzyyBtDyE0D0BtDtN0D0Tzu0StByBtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=408065330

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}

IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByEtC0DtCtD0AzyyBtDyE0D0BtDtN0D0Tzu0StByBtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=408065330

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={EF15EC1A-A6BB-4CF6-9432-8C3CE55F55C4}&mid=b0cadc4f619a44f9b751005381ebcfcb-d65e866ea9deb275b2dbeabd146c37e6bb6e8892〈=pl&ds=xn011&pr=sa&d=2012-10-16 16:46:39&v=13.2.0.5&sap=hp

IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)

IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://asksearch.ask.com/redirect?client=ie&src=crm&tb=SGT-SAT&itbv=11.5.0.929&o=APN10375&locale=en_US&apn_uid=CD97860A-3077-4535-AAD3-6422E9372AAF&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^W0^PL&apn_dbr=ff_17.0&doi=2013-01-03&q={searchTerms}&

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={EF15EC1A-A6BB-4CF6-9432-8C3CE55F55C4}&mid=b0cadc4f619a44f9b751005381ebcfcb-d65e866ea9deb275b2dbeabd146c37e6bb6e8892〈=pl&ds=xn011&pr=sa&d=2012-10-16 16:46:39&v=13.2.0.4&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByEtC0DtCtD0AzyyBtDyE0D0BtDtN0D0Tzu0StByBtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=408065330

IE - HKCU\..\SearchScopes\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}: "URL" = ${SRCH_SCP_URL}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask Search"

FF - prefs.js..browser.search.defaultenginename: "Ask Search"

FF - prefs.js..browser.search.order.1: "Ask Search"

FF - prefs.js..browser.search.selectedEngine: "Ask Search"

FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=APN10375&gct=hp&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^W0^PL&p2=^AHP^YYYYYY^W0^PL&tpid=SGT-SAT&apn_dbr=ff_17.0&apn_uid=CD97860A-3077-4535-AAD3-6422E9372AAF&itbv=11.5.0.929&doi=2013-01-03"

FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0

FF - prefs.js..keyword.URL: "http://asksearch.ask.com/redirect?client=ff&src=kw&tb=SGT-SAT&o=APN10375&itbv=11.5.0.929&doi=2013-01-03&locale=en_US&apn_uid=CD97860A-3077-4535-AAD3-6422E9372AAF&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^W0^PL&apn_dbr=ff_17.0&&q="

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-15 18:29:51 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2012-10-15 18:33:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 15:55:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-11 15:05:17 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-01-11 15:05:02 | 000,000,000 | ---D | M]

 

[2012-09-27 16:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[2013-01-11 15:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\bl27arij.default-1356273506417\extensions

[2013-01-11 15:11:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\bl27arij.default-1356273506417\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2013-01-08 14:43:09 | 000,000,000 | ---D | M] (Ask Shopping Toolbar) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\bl27arij.default-1356273506417\extensions\[email protected]

[2013-01-03 18:19:00 | 000,002,401 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\bl27arij.default-1356273506417\searchplugins\ask-search.xml

[2013-01-11 15:04:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013-01-11 15:05:16 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012-01-12 09:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll

[2012-10-28 09:51:11 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2012-11-08 15:55:24 | 000,003,573 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

[2012-10-28 09:51:11 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2012-10-28 09:51:11 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2012-10-28 09:51:11 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2012-10-28 09:51:11 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2012-10-28 09:51:11 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

 

========== Chrome ==========

 

CHR - homepage: http://www.ask.com/?l=dis&o=APN10375cr&gct=hp&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^W0^PL&p2=^AHP^YYYYYY^W0^PL&tpid=SGT-SAT&apn_dbr=ff_17.0&apn_uid=CD97860A-3077-4535-AAD3-6422E9372AAF&itbv=11.5.0.929&doi=2013-01-03

CHR - default_search_provider: Ask Search (Enabled)

CHR - default_search_provider: search_url = http://asksearch.ask.com/redirect?client=cr&src=kw&tb=SGT-SAT&o=APN10375&itbv=11.5.0.929&doi=2013-01-03&locale=en_US&apn_uid=CD97860A-3077-4535-AAD3-6422E9372AAF&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^W0^PL&apn_dbr=ff_17.0&&q={searchTerms}

CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}

CHR - homepage: http://www.ask.com/?l=dis&o=APN10375cr&gct=hp&apn_ptnrs=^AHP&apn_dtid=^YYYYYY^W0^PL&p2=^AHP^YYYYYY^W0^PL&tpid=SGT-SAT&apn_dbr=ff_17.0&apn_uid=CD97860A-3077-4535-AAD3-6422E9372AAF&itbv=11.5.0.929&doi=2013-01-03

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.52\pdf.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: Ask Shopping Toolbar = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaampcbpkbcfdbdconpoidnofkkacgg\7.34113_0\

CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Nowa karta = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj\5.1_0\

CHR - Extension: Szukaj w Google = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: avast! WebRep = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\

CHR - Extension: AVG Secure Search = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\

CHR - Extension: AVG Secure Search = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak

CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2001-10-26 16:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

O2 - BHO: (Ask Shopping Toolbar) - {5347542D-5341-5400-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\SGT-SAT\Passport.dll (APN LLC.)

O2 - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)

O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)

O3 - HKLM\..\Toolbar: (Ask Shopping Toolbar) - {5347542D-5341-5400-76A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\SGT-SAT\Passport.dll (APN LLC.)

O3 - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (avast! EasyPass Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)

O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe ()

O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()

O4 - HKLM..\Run: [Tutorials] C:\Program Files\TUTO4PC\tuto4pc_pl_1.exe ()

O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [Abagag] C:\Documents and Settings\Administrator\Dane aplikacji\Abagag.exe File not found

O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files\Przyspiesz Komputer\PCSUNotifier.exe ()

O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &P&obierz &za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Pasek Narzędzi avast! EasyPass - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()

O8 - Extra context menu item: Personalizuj menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()

O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Wypełnij Pola - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()

O8 - Extra context menu item: Zapisz Pola - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()

O9 - Extra Button: Wypełnij pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O9 - Extra 'Tools' menuitem : Wypełnij Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O9 - Extra Button: Zapisz - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O9 - Extra 'Tools' menuitem : Zapisz Pola - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O9 - Extra 'Tools' menuitem : Pasek Narzędzi avast! EasyPass - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)

O15 - HKCU\..Trusted Domains: ([]msn in Mój komputer)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{168949F4-67E5-4BA3-9FE2-4BBD6CEB63EC}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - about:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012-09-27 13:27:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013-01-15 19:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\MAXON

[2013-01-15 18:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\AuthMe

[2013-01-15 18:53:16 | 000,000,000 | ---D | C] -- C:\Program Files\MAXON

[2013-01-15 18:35:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\MAXON

[2013-01-14 18:45:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Balmora.pl

[2013-01-14 18:45:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Balmora.pl

[2013-01-13 11:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Pliki serwerowe by BR3ND [1.4.6] V1.2

[2013-01-12 13:41:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\VALVe

[2013-01-12 11:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\WaterSurvival2x2ExtremeSurvivalMap

[2013-01-11 15:58:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Total Commander

[2013-01-11 15:58:46 | 000,000,000 | ---D | C] -- C:\totalcmd

[2013-01-11 15:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GHISLER

[2013-01-11 15:04:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013-01-05 20:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Apple

[2013-01-03 16:12:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\dwhelper

[2013-01-03 16:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\PCSpeedUp

[2013-01-03 16:07:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Przyspiesz Komputer

[2013-01-03 16:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Przyspiesz Komputer

[2013-01-03 16:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork

[2013-01-03 16:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AskPartnerNetwork

[2013-01-03 16:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\APN

[2013-01-02 15:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\mc

[2013-01-01 19:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Apple Computer

[2013-01-01 19:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\QuickTime

[2013-01-01 19:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013-01-01 19:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer

[2013-01-01 19:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2013-01-01 19:57:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Apple

[2013-01-01 19:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2013-01-01 19:57:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple

[2013-01-01 19:57:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Apple Computer

[2013-01-01 16:58:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.gstreamer-0.10

[2013-01-01 16:58:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM

[2013-01-01 16:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenFM

[2012-12-31 08:00:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2012-12-28 11:01:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10

[2012-12-28 11:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10

[2012-12-28 11:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10

[2012-12-26 13:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Lonely Cat Games

[2012-12-26 13:23:59 | 000,000,000 | ---D | C] -- C:\Program Files\Lonely Cat Games

[2012-12-24 10:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Vitalwerks

[2012-12-24 10:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\No-IP DUC

[2012-12-24 10:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\No-IP

[2012-12-22 18:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Downloads

[2012-12-22 11:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Serwer_By_RastManPL1(1)

[2012-11-12 14:41:52 | 000,042,496 | ---- | C] (KaMeR Corporation) -- C:\Documents and Settings\Administrator\Metin2 File Archiver.exe

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2013-01-15 20:31:15 | 000,116,924 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\188.JPG

[2013-01-15 20:27:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2013-01-15 20:15:38 | 000,060,127 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Zdjęcie1689-002.jpg

[2013-01-15 20:08:10 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013-01-15 20:08:09 | 000,081,496 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013-01-15 20:08:09 | 000,000,378 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2013-01-15 20:07:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013-01-15 20:05:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013-01-15 19:45:01 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013-01-15 18:54:01 | 000,152,329 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\AuthMe.rar

[2013-01-15 14:31:25 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2013-01-14 21:02:25 | 000,914,025 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\xDDDDDDDDDDDD.jpg

[2013-01-14 21:02:25 | 000,029,713 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\recently-used.xbel

[2013-01-14 20:58:55 | 000,554,001 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\IMG_14012013_205633.png

[2013-01-14 20:57:01 | 000,285,428 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\t9cj9x.jpg

[2013-01-14 20:44:33 | 000,005,876 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\images (2)g.jpg

[2013-01-14 20:39:48 | 000,001,420 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\szymon.lnk

[2013-01-14 18:48:27 | 000,000,388 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Balmora.pl.lnk

[2013-01-14 16:18:13 | 000,079,041 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Zdjęcie0033.jpg

[2013-01-14 16:14:58 | 000,021,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\zryty banan.jpeg

[2013-01-14 16:07:53 | 000,053,198 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\xDDDD.JPG

[2013-01-14 16:06:07 | 000,016,172 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\xDD.jpg

[2013-01-14 16:03:09 | 000,020,820 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Aaaaa.jpg

[2013-01-14 09:58:23 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI

[2013-01-13 20:49:12 | 000,158,006 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\2013-01-13_20.47.20.png

[2013-01-13 18:57:53 | 000,018,047 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\095ff77c74.jpeg

[2013-01-13 11:17:00 | 025,549,496 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Pliki serwerowe by BR3ND [1.4.6] V1.2.rar

[2013-01-12 20:05:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013-01-12 14:29:46 | 000,000,339 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\wyłączanie.reg

[2013-01-12 13:41:02 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Counter-Strike Source.lnk

[2013-01-11 17:42:35 | 004,325,376 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\WaterSurvival2x2ExtremeSurvivalMap.rar

[2013-01-11 15:58:48 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Total Commander.lnk

[2013-01-10 20:07:05 | 000,083,907 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Bez tytułu.png

[2013-01-10 20:07:01 | 000,053,659 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje Ocenki.png

[2013-01-09 20:23:51 | 000,066,048 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013-01-09 16:10:46 | 000,360,192 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\minecraft_wallpaper_tapeta_16_800_600.jpg

[2013-01-09 16:05:25 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013-01-09 16:05:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013-01-07 20:13:20 | 000,529,258 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\.wav

[2013-01-07 13:52:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013-01-03 18:02:46 | 033,037,357 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\dla isamu.wmv

[2013-01-03 16:07:51 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job

[2013-01-03 07:05:08 | 000,113,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013-01-01 19:58:00 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk

[2012-12-31 08:04:39 | 000,555,118 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat

[2012-12-31 08:04:39 | 000,493,054 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012-12-31 08:04:39 | 000,104,274 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat

[2012-12-31 08:04:39 | 000,083,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012-12-28 11:00:48 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk

[2012-12-28 11:00:48 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk

[2012-12-27 09:12:45 | 005,445,939 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\VirtualDJ.rar

[2012-12-17 02:42:14 | 000,162,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\AuthMe.jar

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2013-01-15 20:31:13 | 000,116,924 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\188.JPG

[2013-01-15 20:15:36 | 000,060,127 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Zdjęcie1689-002.jpg

[2013-01-15 18:54:01 | 000,152,329 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\AuthMe.rar

[2013-01-15 18:53:46 | 000,162,400 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\AuthMe.jar

[2013-01-14 21:02:25 | 000,029,713 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\recently-used.xbel

[2013-01-14 21:02:24 | 000,914,025 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\xDDDDDDDDDDDD.jpg

[2013-01-14 20:58:30 | 000,554,001 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\IMG_14012013_205633.png

[2013-01-14 20:57:00 | 000,285,428 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\t9cj9x.jpg

[2013-01-14 20:44:32 | 000,005,876 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\images (2)g.jpg

[2013-01-14 20:38:28 | 000,001,420 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\szymon.lnk

[2013-01-14 18:48:27 | 000,000,388 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Balmora.pl.lnk

[2013-01-14 16:18:08 | 000,079,041 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Zdjęcie0033.jpg

[2013-01-14 16:14:29 | 000,021,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\zryty banan.jpeg

[2013-01-14 16:07:53 | 000,053,198 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\xDDDD.JPG

[2013-01-14 16:06:06 | 000,016,172 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\xDD.jpg

[2013-01-14 15:59:14 | 000,020,820 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Aaaaa.jpg

[2013-01-13 20:48:01 | 000,158,006 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\2013-01-13_20.47.20.png

[2013-01-13 18:57:53 | 000,018,047 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\095ff77c74.jpeg

[2013-01-13 11:17:38 | 000,166,222 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\iConomy.jar

[2013-01-13 11:16:04 | 025,549,496 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Pliki serwerowe by BR3ND [1.4.6] V1.2.rar

[2013-01-12 14:20:19 | 000,000,339 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\wyłączanie.reg

[2013-01-12 13:41:02 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Counter-Strike Source.lnk

[2013-01-11 17:42:25 | 004,325,376 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\WaterSurvival2x2ExtremeSurvivalMap.rar

[2013-01-11 15:58:48 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Total Commander.lnk

[2013-01-10 20:07:02 | 000,083,907 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Bez tytułu.png

[2013-01-10 20:06:59 | 000,053,659 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje Ocenki.png

[2013-01-09 16:09:48 | 000,360,192 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\minecraft_wallpaper_tapeta_16_800_600.jpg

[2013-01-07 20:13:20 | 000,529,258 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\.wav

[2013-01-03 18:02:46 | 033,037,357 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\dla isamu.wmv

[2013-01-03 16:07:51 | 000,000,364 | ---- | C] () -- C:\WINDOWS\tasks\PC SpeedUp Service Deactivator.job

[2013-01-01 19:58:00 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\QuickTime Player.lnk

[2013-01-01 19:57:17 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013-01-01 19:57:15 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Apple Software Update.lnk

[2012-12-28 11:00:48 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk

[2012-12-28 11:00:48 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk

[2012-12-28 11:00:35 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk

[2012-12-27 09:12:40 | 005,445,939 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\VirtualDJ.rar

[2012-12-13 16:05:38 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\GRANNY.DLL

[2012-12-11 18:38:23 | 000,000,115 | ---- | C] () -- C:\WINDOWS\System32\getfiles.ini

[2012-12-11 18:37:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\setwintitle.exe

[2012-12-06 17:58:03 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2012-11-13 15:30:20 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\mbam.context.scan

[2012-11-13 14:18:52 | 001,361,348 | ---- | C] () -- C:\Documents and Settings\Administrator\Laucher.rar

[2012-11-12 14:49:29 | 000,465,800 | ---- | C] () -- C:\Documents and Settings\Administrator\root.epk

[2012-11-12 14:49:29 | 000,003,008 | ---- | C] () -- C:\Documents and Settings\Administrator\root.eix

[2012-11-12 14:46:42 | 000,007,398 | ---- | C] () -- C:\Documents and Settings\Administrator\output.xml

[2012-11-11 12:15:21 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll

[2012-10-15 16:32:01 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\xxdl.sys

[2012-10-10 19:38:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012-10-06 20:51:20 | 000,000,270 | ---- | C] () -- C:\Documents and Settings\Administrator\inv.vbs

[2012-10-05 19:32:36 | 000,001,016 | RHS- | C] () -- C:\Documents and Settings\Administrator\ntuser.pol

[2012-09-29 19:25:44 | 000,066,048 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012-09-28 14:56:00 | 000,290,500 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\funmoods-speeddial_sf.crx

[2012-09-28 14:56:00 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\funmoods.crx

[2012-09-27 14:35:23 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2012-09-27 14:34:36 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat

[2012-09-27 14:21:17 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2012-09-27 14:20:03 | 000,113,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012-09-27 13:45:09 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2012-09-27 13:29:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2012-09-27 13:25:52 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2012-02-11 21:52:02 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\dokan.dll

 

========== ZeroAccess Check ==========

 

[2012-10-01 15:37:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\System32\shdocvw.dll -- [2008-04-14 21:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2008-04-14 21:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008-04-14 21:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

< End of report >

[Pingwinek_PL]

Wygląda to na zakażenie, ZeroAccess, ale poczekaj na fresza. Bo ja mogę pierdolić głupoty.

[WielkiBananPL]

@UP

A kto to jest bo ja jestem zielony

[NitroCharge]

Jego nick to Fr3shMak3r

[arteekk]

Specjalista w tej dziedzinie. :3

[WielkiBananPL]

Aha, dzięki .

[Fr3shMak3r]

Pisze z telefonu z telefonu ale mam katastrofalne wiesci .

Pierwszy raz z takim czyms sie spotkalem .

Otoz w systemie siedzi potworny wirus Sality zaraza i niszczy pliki wykonywalne na wszystkich dyskach .

Co gorsza przy tej infekcji wystepuje przewaznie 1 ale tu sa 2 sterowniki Sality!!!

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\osoftn.sys -- (amsint32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\osoftn.sys -- (aic32p)

 

Niestety sytuacja jest tragiczna .

Wyglada na to ze wirus laduje sie metoda para rootkit .

Mozemy powalczyc z ta infekcja .

Zobacz czy dziala tryb awaryjny.

Napisze po 15 bo szkola :/

Jeszcze brakuje loga Extras bo nie zaznaczyles Skan rejestr dodatkowy na uzyj filtrowania.

[Blondyneczka]

S.M.A.R.T dysku pokaż mi z hd tune pro lub victorii

Czy dyskiem rzucano ? Zmieniał temperatury ? Pokaż zdjęcie z temperatury podzespołów

 

Pisze z telefonu z telefonu ale mam katastrofalne wiesci .

Pierwszy raz z takim czyms sie spotkalem .

Otoz w systemie siedzi potworny wirus Sality zaraza i niszczy pliki wykonywalne na wszystkich dyskach .

Co gorsza przy tej infekcji wystepuje przewaznie 1 ale tu sa 2 sterowniki Sality!!!

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\osoftn.sys -- (amsint32)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\osoftn.sys -- (aic32p)

 

Niestety sytuacja jest tragiczna .

Wyglada na to ze wirus laduje sie metoda para rootkit .

Mozemy powalczyc z ta infekcja .

Zobacz czy dziala tryb awaryjny.

Napisze po 15 bo szkola :/

Jeszcze brakuje loga Extras bo nie zaznaczyles Skan rejestr dodatkowy na uzyj filtrowania.

Niech zrobi formata to usunie wiruska na forever

Ale nie tylko powodem może być wirus powodów jest dużo min może być wirus

[Fr3shMak3r]

Wiem ze na takie infekcje najlepsze rozwiazanie to format .

Ale skoro napisal temat bo predzej czy pozniej i tak by trzasnal formata .

Pokaz jeszcze log USBfix z opcji Listing .

[WielkiBananPL]

############################## | UsbFix 7.042 | [Listing]

 

User: Administrator (Administrator) # KAPI [ ]

Updated 26/03/2011 by TeamXscript

Started at 09:58:30 | 16/01/2013

Website: http://www.teamxscript.org

Submit your sample: http://www.teamxscript.org/Upload.php

Contact: [email protected]

 

CPU: AMD Athlon™ 64 X2 Dual Core Processor 5200+

CPU 2: AMD Athlon™ 64 X2 Dual Core Processor 5200+

Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3

Internet Explorer 6.0.2900.5512

 

Windows Firewall: Disabled /!\

Antivirus: avast! Antivirus 5.0.117441978 [Enabled | Updated]

RAM -> 1983 Mb

C:\ (%systemdrive%) -> Fixed drive # 128 Gb (60 Mb free - 47%) [] # NTFS

D:\ -> CD-ROM

H:\ -> Fixed drive # 338 Gb (252 Mb free - 75%) [] # NTFS

 

################## | Listing |

 

[27/09/2012 - 13:27:53 | A | 0] C:\AUTOEXEC.BAT

[15/01/2013 - 14:31:25 | RSH | 223] C:\boot.ini

[21/07/2001 - 23:13:54 | RASH | 4952] C:\Bootfont.bin

[27/09/2012 - 13:27:53 | A | 0] C:\CONFIG.SYS

[21/07/2001 - 23:36:12 | SH | 2] C:\desktop.ini

[21/09/2001 - 05:10:06 | A | 146432] C:\DISKPART.EXE

[27/06/2001 - 14:17:40 | A | 32448] C:\DISKPART_D.HTM

[02/07/2001 - 13:18:36 | A | 12845] C:\diskpart_license.txt

[15/10/2012 - 19:11:35 | RD ] C:\Documents and Settings

[12/01/2013 - 14:12:37 | D ] C:\Downloads

[11/01/2013 - 20:05:18 | D ] C:\Fraps

[15/10/2012 - 19:11:35 | RD ] C:\games

[27/09/2012 - 13:27:53 | RASH | 0] C:\IO.SYS

[27/09/2012 - 13:27:53 | RASH | 0] C:\MSDOS.SYS

[29/11/2012 - 19:29:55 | D ] C:\Nexon

[27/09/2012 - 16:35:25 | RASH | 47564] C:\NTDETECT.COM

[27/09/2012 - 16:35:25 | RASH | 251152] C:\ntldr

[16/01/2013 - 09:50:36 | ASH | 2145386496] C:\pagefile.sys

[15/01/2013 - 18:53:16 | RD ] C:\Program Files

[27/09/2012 - 14:37:37 | SHD ] C:\RECYCLER

[16/01/2013 - 08:55:41 | SHD ] C:\System Volume Information

[27/03/2000 - 15:37:42 | A | 8540] C:\ToolDownloadReadme.htm

[11/01/2013 - 15:58:58 | D ] C:\totalcmd

[16/01/2013 - 09:58:19 | D ] C:\UsbFix

[16/01/2013 - 09:58:31 | A | 656] C:\UsbFix.txt

[17/11/2012 - 15:41:18 | A | 109] C:\user.js

[11/12/2012 - 18:37:17 | D ] C:\WINDOWS

[16/11/2012 - 21:13:37 | D ] H:\7de1b02f67bae5bce7b981e38494

[02/12/2007 - 14:38:48 | A | 110592] H:\artpclnt.dll

[15/08/2012 - 12:12:35 | A | 5386240] H:\Balmora.exe

[14/01/2013 - 18:47:55 | D ] H:\BGM

[14/01/2013 - 18:45:56 | A | 0] H:\blacklist.txt

[15/01/2013 - 13:10:37 | A | 5] H:\channel.inf

[06/07/2010 - 12:46:50 | A | 258048] H:\config.exe

[01/07/2012 - 09:57:04 | A | 28950] H:\CoNowego.txt

[15/01/2013 - 20:32:41 | D ] H:\Counter-Strike 1.6 ZCP

[12/01/2013 - 14:11:24 | D ] H:\Counter-Strike Source

[13/11/2011 - 11:57:30 | A | 1675] H:\CzytajTo.txt

[09/06/2012 - 18:19:49 | A | 101888] H:\Default.SFX

[31/03/2012 - 16:05:22 | A | 1048] H:\Descript.ion

[21/07/2001 - 23:36:12 | SH | 2] H:\desktop.ini

[01/07/2010 - 17:48:12 | A | 269312] H:\devil.dll

[13/12/2012 - 16:26:22 | D ] H:\dll

[18/04/2012 - 12:26:26 | A | 0] H:\dll_list.txt

[12/01/2013 - 20:22:46 | D ] H:\Downloads

[24/10/2007 - 19:54:44 | A | 35328] H:\DSETUP.dll

30/06/2010 - 21:11:47 | A | 81920] H:\errorlog.exe

[16/11/2012 - 07:24:16 | D ] H:\Euro Truck Simulator 2

[27/11/2012 - 15:06:30 | D ] H:\FIFA 13 FULL UNLOCKED MULTI 12+DLC

[17/06/2012 - 07:49:45 | A | 598] H:\File_Id.diz

[12/10/2012 - 19:49:46 | SH | 937] H:\folder.htt

[12/10/2012 - 19:49:46 | D ] H:\Formats

[07/10/2012 - 08:17:54 | D ] H:\Fraps

[13/12/2012 - 16:28:53 | D ] H:\game

[13/12/2012 - 16:28:48 | A | 4422656] H:\game.exe

[02/12/2007 - 14:38:48 | A | 369719] H:\granny2.dll

[28/11/2012 - 18:13:40 | D ] H:\GTA San Andreas

[03/01/2013 - 19:00:18 | A | 953842688] H:\hehee.avi

[03/01/2013 - 19:00:18 | A | 30] H:\hehee.avi.sfl

[14/01/2013 - 18:48:02 | SHD ] H:\hshield

[18/09/2011 - 14:47:41 | ASH | 7643] H:\HsUserUtil.log

[02/12/2007 - 14:38:48 | A | 372736] H:\ijl15.dll

[14/01/2013 - 18:50:44 | A | 39] H:\ijl17.dll

[02/12/2007 - 14:38:48 | A | 27648] H:\ilu.dll

[23/06/2011 - 16:56:19 | A | 108578] H:\konfiguruj.exe

[14/01/2013 - 18:47:29 | D ] H:\lib

[30/06/2012 - 15:44:58 | A | 6015] H:\Licencja.txt

[18/01/2011 - 10:07:29 | A | 40] H:\locale.cfg

[28/11/2011 - 16:52:59 | A | 15] H:\locale.ini

[14/01/2013 - 18:50:52 | D ] H:\mark

[15/01/2013 - 13:35:26 | A | 342] H:\metin2.cfg

[06/01/2013 - 03:47:28 | N | 3430400] H:\metin2client.dll

[15/01/2013 - 12:45:03 | A | 468] H:\metin2client.dll-up.txt

[02/01/2013 - 11:14:51 | A | 6240723] H:\metin2mod_2011sf.exe

[14/01/2013 - 18:47:29 | D ] H:\miles

[29/12/2012 - 10:24:34 | D ] H:\mod

[08/12/2012 - 22:19:00 | A | 177] H:\mod_config.cfg

[15/01/2013 - 13:24:07 | A | 3] H:\mouse.cfg

[03/01/2013 - 19:05:38 | A | 42327133] H:\Movie_0001.wmv

[25/01/2010 - 11:45:49 | A | 131072] H:\mscoree.dll

[25/01/2010 - 11:45:49 | A | 349696] H:\MSS32.DLL

[02/12/2007 - 14:38:48 | A | 401462] H:\msvcp60.dll

[02/12/2007 - 14:38:48 | A | 434252] H:\MSVCRTD.DLL

[13/12/2012 - 16:28:05 | D ] H:\muzyka

[05/12/2010 - 19:00:16 | A | 3192] H:\Order.htm

[20/04/2012 - 08:59:23 | D ] H:\pack

[12/11/2012 - 14:39:21 | D ] H:\PanghihinayangMt2

[14/06/2012 - 16:00:37 | A | 430247] H:\patcher.exe

[14/06/2012 - 15:57:22 | A | 80] H:\patcher.ini

[14/01/2013 - 18:49:53 | A | 115] H:\patches_vers_list.txt

[11/02/2010 - 06:48:02 | A | 2560] H:\patchw32.dll

[20/04/2012 - 16:37:24 | A | 344064] H:\python22.dll

[20/04/2012 - 16:28:53 | A | 0] H:\pythonscript.py

[09/06/2012 - 18:19:22 | A | 409088] H:\Rar.exe

[30/06/2012 - 20:44:51 | A | 89896] H:\Rar.txt

[09/06/2012 - 18:20:02 | A | 168448] H:\RarExt.dll

[30/06/2012 - 13:57:59 | A | 196608] H:\RarExt64.dll

[05/12/2010 - 18:57:13 | A | 1375] H:\RarFiles.lst

[10/10/2012 - 13:20:38 | A | 20] H:\rarnew.dat

[12/10/2012 - 19:49:46 | SHD ] H:\RECYCLER

[15/01/2013 - 18:43:07 | D ] H:\resource

[14/12/2012 - 15:11:08 | D ] H:\screenshot

[20/10/2012 - 08:55:29 | A | 94135] H:\ServerInfo.exe

[29/12/2012 - 10:19:13 | A | 46545] H:\serverinfo.py

[11/01/2013 - 17:46:06 | D ] H:\SkyBlock2.1

[02/12/2007 - 14:38:48 | A | 1806336] H:\SpeedTreeRT.dll

[15/01/2013 - 13:35:26 | A | 2005] H:\syserr.txt

[16/01/2013 - 08:55:41 | SHD ] H:\System Volume Information

[24/06/2012 - 10:55:45 | A | 9860] H:\TechNote.txt

[14/01/2013 - 18:49:53 | SHD ] H:\Temp

[13/12/2012 - 16:28:06 | A | 77512] H:\uninstall.exe

[WielkiBananPL]

Dodam jeszcze, że komputer się sam resetował .. Nie wiem czy to przegrzanie .

 

@EDIT

 

@Blondyneczka - nie zmieniał temperatury cały czas 36^oC, nie rzucano dyskami.

[Fr3shMak3r]

Tak mnie zastanawia dlaczego Avast działa skoro przecież wirus potrafi wszystkie antywirusy zneutralizować .

Być może to inny wariant ,albo po prostu już kiedyś walczyłeś z tą infekcją a to są ślady po Sality albo poprostu padł ofiarą tej zabójczej infekcji i nie wykrywa .

 

DRV - [2012-08-21 10:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-08-21 10:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-08-21 10:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-08-21 10:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-08-21 10:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012-08-21 10:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012-08-21 10:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

 

Pobierz SalityKiller .

Po zakończeniu skanowania pokazujesz na screenie ile zarażonych plików wykryło .

http://www.softpedia.com/get/Antivirus/SalityKiller.shtml

[WielkiBananPL]

Czyli po tym skanie komputer, będzie jak nowy (jak przedtem) ?

[Fr3shMak3r]

Nie wiem to zależy od ilości zainfekowanych plików .

Nadal nie dałeś mi loga Extras i nie powiedziałeś czy ci działa tryb awaryjny

Mówiłem ci że to ciężki wirus są przypadki aż tak bardzo trudne do wyleczenia bez całkowitego formatowania dysku .

Niekiedy to jest niemożliwe .

[WielkiBananPL]

Nie wiem to zależy od ilości zainfekowanych plików .

Nadal nie dałeś mi loga Extras i nie powiedziałeś czy ci działa tryb awaryjny

Mówiłem ci że to ciężki wirus są przypadki aż tak bardzo trudne do wyleczenia bez całkowitego formatowania dysku .

Niekiedy to jest niemożliwe .

Tryb awaryjny nie działa . A loga dam ci za (1h-30min), ponieważ jestem na netbooku .

 

@EDIT

Nie jestem pewny do antywirusa co mi podałeś, dlatego bo ściągłem z 3 i w każdym znalazło 2 wirusy 1 szlo usunac a 2 gdy skanowalo wywalil niebieski ekran z tymi napisami ..

[Fr3shMak3r]

Po 1 to nie antywirus tylko szczepionka .

Po 2 on nie usuwa plików tylko je leczy .

Nie rozumiem tu jednego jak mógł wywalić nagle ekran z ,,niebieski ekran z tymi napisami ''

Może chodzi ci o bluescreen a nie chkdsk .

[WielkiBananPL]

przy starcie ładuje mi to chkdsk i zawiesz przy 29% jak już mówiłem (dlatego pomijam to), gdy skanuje kompa avastem zawiesza go przy połowie i wywala bluescreen .

[Fr3shMak3r]

No dobra ale jak skanujesz SalityKillerem to ci tak nagle wywala sprawdzanie dysku ?

Bo ty tak powiedziałeś z tego co ja zrozumiałem.

[WielkiBananPL]

Nie nie . Ja jeszcze nie skanowałemtym sality zara wbijam na kompa . Mówiłem o tym avascie, że takie wybryki robi.

[Fr3shMak3r]

Przecież ci mówię że pewnie Avast padł ofiarą tej zabójczej infekcji .

[WielkiBananPL]

Aha, jestem już na kompie . Do dzieła ;D

[WielkiBananPL]

Skanowałem tym ale .. zaciął się komputer nie wywalił bluescrena .

Spróbuje jeszcze raz .

 

@EDIT

To samo .. Nie działa

[Fr3shMak3r]

To wyłącz przywracanie systemu na wszystkich dyskach i dopiero sprawdź .