Log analysis and evaluation: New notebook, battery only charges briefly at first, then it is always empty, and after unplugging the cable it goes
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.03.2011, 12:00 | #1 |
New notebook, battery only charges briefly at first, then it is always empty, and after unplugging the cable it goes

Hello, my new notebook does not charge the battery. But I have discovered something odd. I removed the Samsung program Life Bettery, since that program can conflict with the one from MS, restarted, and it charged briefly, i.e. the bar went up a few times and then the charging unfortunately stopped again. It does say that it is charging, but it no longer does. What can that be? In my opinion the fault lies in the registry or in a program. Who can help me with this? I will still run TFC, just not sure whether that has anything to do with it. I hope I posted correctly :-) I hope you can help me. Here is the logfile as well.

HiJackThis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:36:34, on 2011-03-10 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files (x86)\Gadu-Gadu 10\gg.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Windows\SysWOW64\RunDll32.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe F:\Programme\Mozilla Thunderbird\Portable Thunderbird 3.0 de\thunderbird\thunderbird.exe C:\Tools\EUSING~1\REGCLE~1.EXE C:\Users\PC\Desktop\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: W2PBrowser Browser Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program 
Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files (x86)\Gadu-Gadu 10\gg.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: SRS Premium Sound.lnk = ? O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll O9 - Extra button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Wyślij do urządzenia &Bluetooth... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - 
Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung UPD Service - Unknown owner - C:\Windows\System32\SUPDSvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - 
Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10250 bytes
OTL file
OTL Logfile: Code:
ATTFilter OTL logfile created on: 3/10/2011 12:11:46 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\PC\Desktop\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 69.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 83.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 575.50 Gb Total Space | 533.03 Gb Free Space | 92.62% Space Free | Partition Type: NTFS Drive D: | 6.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 7.47 Gb Total Space | 0.74 Gb Free Space | 9.88% Space Free | Partition Type: FAT32 Drive G: | 14.92 Gb Total Space | 14.83 Gb Free Space | 99.39% Space Free | Partition Type: NTFS Computer Name: PC-KOMPUTER | User Name: PC | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/03/10 12:09:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\Downloads\OTL.exe PRC - [2011/03/01 15:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011/01/17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011/01/17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010/08/27 02:52:12 | 002,782,064 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe PRC - [2010/08/19 09:22:36 | 000,775,336 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe PRC - [2010/08/11 08:34:40 | 004,384,560 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe PRC - [2010/08/09 10:22:24 | 000,862,064 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2010/07/30 09:20:18 | 001,752,680 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe PRC - [2010/07/21 13:46:30 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2010/02/10 15:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2010/02/03 23:19:52 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/02/03 23:19:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ========== Modules (SafeList) ========== MOD - [2011/03/10 12:09:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\Downloads\OTL.exe MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010/07/21 12:55:16 | 000,226,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll MOD - [2010/07/05 11:42:58 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010/09/22 10:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/08/09 20:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service) SRV:64bit: - [2010/07/21 13:46:28 | 000,951,584 | ---- | M] (Broadcom Corporation.) 
[Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2011/03/01 15:47:56 | 002,296,696 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/03 23:19:52 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010/02/03 23:19:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/08/31 02:13:02 | 000,118,664 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010/08/30 15:45:48 | 000,394,016 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2010/07/29 01:23:08 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010/07/20 07:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010/07/20 07:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010/07/20 07:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010/07/15 08:44:20 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:64bit: - [2010/07/15 08:44:20 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:64bit: - [2010/07/14 00:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2010/04/27 18:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/04/27 18:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/04/27 08:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010/03/10 03:48:30 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010/03/02 08:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010/02/27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 21:35:42 | 000,187,392 | ---- | M] 
(Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/28 07:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI) DRV - [2010/12/15 17:37:12 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport) DRV - [2010/07/15 08:44:20 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - 
prefs.js..browser.search.defaultenginename: "Facemoods Search" FF - prefs.js..browser.search.selectedEngine: "Facemoods Search" FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul" FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2010/10/28 07:10:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/10/28 07:10:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/28 07:11:05 | 000,000,000 | ---D | M] [2011/03/07 18:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions [2011/03/07 18:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/03/10 10:14:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\9racxp3m.default\extensions [2011/03/10 10:14:32 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\9racxp3m.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} File not found (No name found) -- () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}.XPI () (No name found) -- 
C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI () (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9RACXP3M.DEFAULT\EXTENSIONS\GUICONFIG@SLOSD.NET.XPI [2011/03/07 00:31:54 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchddr.xml O1 HOSTS File: ([2011/03/10 11:38:03 | 000,431,056 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14834 more lines... 
O2 - BHO: (W2PBrowser Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Eraser] C:\Tools\Eraser\Eraser.exe (The Eraser Project) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) 
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... 
Edited by xeluk (10.03.2011 at 12:24) |
10.03.2011, 14:17 | #2 |
/// Malware-holic | Maybe the battery is simply broken; if the laptop is new, make use of your warranty.
__________________
__________________ |
10.03.2011, 14:22 | #3 |
| Thanks. I thought of that too, but then I have to send the whole thing in = time, and besides, as I wrote, it puzzles me that it charges at startup, which is rather strange. Hoping for more tips
__________________ |
10.03.2011, 14:26 | #4 |
/// Malware-holic | To me it sounds like a broken battery. Be glad it is happening now, otherwise you would have had to pay for a new one yourself. So don't wait long, send it in as quickly as possible.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
10.03.2011, 18:09 | #5 |
| @markusg Thank you very much, I thought something could be done about it. Unfortunately I will probably send it in. A pity they don't offer on-site service. If anyone still has tips, please write. |
21.03.2011, 21:55 | #6 |
| Thanks for your help, I have it back. According to the service, something on the mainboard was defective; I am now writing from it again. Hopefully that was the only fault for a long time, and it was quick too: picked up on the 15th, back today. Watch out, my HDD was formatted and Win7 reinstalled, just FYI for those who have not been in this situation yet: always make a backup :-) What I find strange is that the PC was somehow slower after I got it back than when I bought it. Oh well, backup restored and everything is OK ----RESOLVED---- Edited by xeluk (21.03.2011 at 22:00) |
22.03.2011, 12:43 | #7 |
/// Malware-holic | http://www.trojaner-board.de/96344-a...-rechners.html Put these tips into practice to secure the PC properly in future!
__________________ |