x-kom hosting

a.exe - Need help

Nightmareee
utworzono
utworzono

Cóż od jakiegoś czasu regularnie wyskakuje mi error: a.exe. Jest to dość uciążliwe, gdyż grając w wszelkiego rodzaju gry, mam spadki FPS-ów np. ze 125 do 5 na jakies 20 sekund (mam tak w Call of Duty 2). Ostatnio szukałem informacji o tym i użyłem Spycheck antispyware lecz oczywiscie platne wiec ze tak powiem: lipa. Czy o jakieś ewentualne porady mógłbym prosić? ;x

Psycholandia
komentarz
komentarz

Daj zrzut ekranu z tego błędu.

Nightmareee
komentarz
komentarz

http://img174.imageshack.us/img174/346/94434894.png

Tutaj jest link do screena z owym błędem, a tutaj log z OTL:

OTL logfile created on: 2009-07-19 16:52:23 - Run 1OTL by OldTimer - Version 3.0.9.2     Folder = C:\Documents and Settings\Administrator\PulpitWindows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 6.0.2900.2180)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd1023,48 Mb Total Physical Memory | 295,75 Mb Available Physical Memory | 28,90% Memory free2,40 Gb Paging File | 1,58 Gb Available in Paging File | 65,95% Paging File freePaging file location(s): C:\pagefile.sys 1536 3072 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 37,27 Gb Total Space | 12,81 Gb Free Space | 34,38% Space Free | Partition Type: NTFSDrive D: | 74,53 Gb Total Space | 3,01 Gb Free Space | 4,04% Space Free | Partition Type: NTFSDrive E: | 7,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFSDrive F: | 488,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFSDrive G: | 642,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFSH: Drive not present or media not loadedDrive I: | 590,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFSComputer Name: OEM11Current User Name: AdministratorLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2007-12-05 04:53:58 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exePRC - [2007-12-05 04:53:58 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exePRC - [2007-08-27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exePRC - [2008-10-15 14:31:53 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exePRC - [2008-10-15 14:30:02 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exePRC - [2007-06-25 09:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exePRC - [2008-12-29 21:42:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEPRC - [2009-06-09 23:11:29 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exePRC - [2009-07-18 16:21:56 | 00,189,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exePRC - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exePRC - [2009-05-16 02:55:16 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\4548.exePRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2009-07-17 22:00:10 | 00,135,684 | ---- | M] () -- C:\WINDOWS\msb.exePRC - [2004-12-22 11:09:44 | 00,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXEPRC - [2003-10-31 19:42:40 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exePRC - [2007-08-08 15:53:16 | 00,088,024 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exePRC - [2007-07-17 11:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exePRC - [2004-08-22 17:05:02 | 00,081,920 | ---- | M] (DAEMON'S HOME) -- C:\Program Files\D-Tools\daemon.exePRC - [2008-06-12 14:28:45 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exePRC - [2008-12-29 21:42:27 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2005-10-08 21:08:50 | 00,212,992 | ---- | M] (MB-Soft) -- C:\Program Files\Anti-Blaxx\Anti-Blaxx.exePRC - [2009-04-09 20:10:54 | 00,970,240 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exePRC - [2008-07-30 13:52:37 | 02,865,152 | ---- | M] () -- C:\Program Files\OSCAR Editor\OscarEditor.exePRC - [2007-07-17 11:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exePRC - [2004-07-28 16:39:28 | 00,962,661 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exePRC - [2007-12-12 10:29:48 | 00,323,584 | ---- | M] (TODO: A4 Tech) -- C:\Program Files\OSCAR Editor\OscarData\Tools\MyShowMessage.exePRC - [2009-06-12 21:44:56 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exePRC - [2009-05-28 11:23:12 | 10,486,376 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exePRC - [2009-05-28 10:33:44 | 00,077,824 | ---- | M] () -- C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exePRC - [2008-11-19 16:45:56 | 13,137,336 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exePRC - [2009-06-05 19:20:30 | 00,126,468 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\a.exePRC - [2009-07-19 16:41:56 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2007-08-27 14:38:50 | 00,566,616 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice [Auto | Running])SRV - [2008-10-15 14:31:53 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler [Auto | Running])SRV - [2008-10-15 14:30:02 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService [Auto | Running])SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2007-12-05 04:53:58 | 00,495,616 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])SRV - [2007-09-28 21:05:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2004-10-22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])SRV - [2007-06-25 09:47:12 | 01,552,680 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])SRV - [2009-05-16 02:55:16 | 00,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\4548.exe -- (ipfw [Auto | Running])SRV - [2008-12-29 21:42:27 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])SRV - [2003-06-19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])SRV - [2007-06-29 20:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])SRV - [2007-06-27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2009-06-09 23:11:29 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running])SRV - [2009-07-18 16:21:56 | 00,189,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe -- (pnkbstrb [Auto | Running])SRV - [2008-11-11 10:38:06 | 00,620,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])SRV - [2004-08-11 02:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running])========== Driver Services (SafeList) ==========DRV - [2004-03-02 09:26:58 | 00,050,007 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\adildr.sys -- (ADILOADER [Auto | Stopped])DRV - [2004-03-02 09:24:16 | 00,127,065 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\adiusbaw.sys -- (adiusbaw [On_Demand | Running])DRV - [2004-12-22 11:07:12 | 02,304,320 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])DRV - [2006-07-01 23:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [system | Running])DRV - [2007-12-05 07:26:40 | 02,782,208 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])DRV - [2008-09-27 16:42:27 | 00,271,360 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt [Auto | Running])DRV - [2007-02-27 15:25:01 | 00,011,840 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio [system | Running])DRV - [2008-05-20 16:29:41 | 00,052,032 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt [On_Demand | Running])DRV - [2008-10-30 11:21:03 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb [system | Running])DRV - [2004-08-22 16:31:10 | 00,155,136 | ---- | M] ( ) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys -- (d347bus [boot | Running])DRV - [2004-08-22 16:31:48 | 00,005,248 | ---- | M] ( ) -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt [boot | Running])DRV - [2009-07-16 21:30:59 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])DRV - [2007-06-25 09:47:02 | 00,119,080 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDFs.sys -- (InCDfs [Disabled | Running])DRV - [2007-06-25 09:47:12 | 00,036,776 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDPass.sys -- (InCDPass [system | Running])DRV - [2007-06-25 09:47:12 | 00,038,440 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (incdrm [system | Running])DRV - [2009-05-16 02:55:17 | 00,026,240 | ---- | M] (WIPFW Project.) -- C:\WINDOWS\System32\DRIVERS\ip_fw.sys -- (ip_fw [On_Demand | Running])DRV - [2008-09-27 16:42:26 | 00,018,048 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt [Auto | Running])DRV - [2008-09-15 08:56:24 | 00,017,664 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd [On_Demand | Stopped])DRV - [2008-09-15 08:56:24 | 00,022,016 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc [On_Demand | Stopped])DRV - [2005-05-17 11:45:08 | 00,092,800 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata [boot | Running])DRV - [2005-04-05 21:22:28 | 00,033,536 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])DRV - [2005-04-05 21:22:30 | 00,012,928 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])DRV - [2008-08-26 10:26:12 | 00,018,816 | ---- | M] (Nokia) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys -- (pccsmcfd [On_Demand | Stopped])DRV - [2003-09-06 14:25:52 | 00,051,744 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06 [system | Running])DRV - [2003-09-06 15:37:22 | 00,062,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02 [boot | Running])DRV - [2003-09-06 14:22:08 | 00,006,944 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1 [boot | Running])DRV - [2002-09-29 00:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DRIVERS\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2008-05-16 13:33:12 | 00,089,256 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016bus.sys -- (s0016bus [On_Demand | Stopped])DRV - [2008-05-16 13:33:14 | 00,015,016 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys -- (s0016mdfl [On_Demand | Stopped])DRV - [2008-05-16 13:33:12 | 00,120,744 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016mdm.sys -- (s0016mdm [On_Demand | Stopped])DRV - [2008-05-16 13:33:12 | 00,114,216 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016mgmt.sys -- (s0016mgmt [On_Demand | Stopped])DRV - [2008-05-16 13:33:14 | 00,025,512 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016nd5.sys -- (s0016nd5 [On_Demand | Stopped])DRV - [2008-05-16 13:33:12 | 00,110,632 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016obex.sys -- (s0016obex [On_Demand | Stopped])DRV - [2008-05-16 13:33:14 | 00,115,752 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016unic.sys -- (s0016unic [On_Demand | Stopped])DRV - [2007-04-03 14:57:42 | 00,083,336 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116bus.sys -- (s116bus [On_Demand | Stopped])DRV - [2007-04-03 14:57:48 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116mdfl.sys -- (s116mdfl [On_Demand | Stopped])DRV - [2007-04-03 14:57:48 | 00,108,680 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116mdm.sys -- (s116mdm [On_Demand | Stopped])DRV - [2007-04-03 14:57:50 | 00,100,488 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116mgmt.sys -- (s116mgmt [On_Demand | Stopped])DRV - [2007-04-03 14:57:52 | 00,023,176 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116nd5.sys -- (s116nd5 [On_Demand | Stopped])DRV - [2007-04-03 14:57:52 | 00,098,696 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116obex.sys -- (s116obex [On_Demand | Stopped])DRV - [2007-04-03 14:57:54 | 00,099,080 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116unic.sys -- (s116unic [On_Demand | Stopped])DRV - [2009-02-22 22:35:48 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [Auto | Running])DRV - [2003-09-06 14:27:06 | 00,004,832 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01 [boot | Running])DRV - [2001-08-17 22:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])DRV - [2007-03-01 10:34:22 | 00,028,352 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv [system | Running])DRV - [2008-09-15 08:56:24 | 00,008,064 | ---- | M] (Windows ? Codename Longhorn DDK provider) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev [On_Demand | Stopped])DRV - [2004-08-03 23:08:44 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbser.sys -- (usbser [On_Demand | Stopped])DRV - [2008-09-15 08:56:34 | 00,008,064 | ---- | M] (Windows ? Codename Longhorn DDK provider) -- C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt [On_Demand | Stopped])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhomeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=homeIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htmIE - HKU\.default\.default\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\s-1-5-18\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\s-1-5-21-1614895754-1644491937-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\s-1-5-21-1614895754-1644491937-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE - URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL (MyWebSearch.com)IE - URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL File not foundIE - URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)IE - HKU\s-1-5-21-1614895754-1644491937-839522115-500\s-1-5-21-1614895754-1644491937-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ==========FF - prefs.js..browser.search.defaultenginename: "Yahoo"FF - prefs.js..browser.search.selectedEngine: "Allegro"FF - prefs.js..browser.startup.homepage: "http://pl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official"FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.685FF - prefs.js..extensions.enabledItems: NPDyyno@dyyno.com:1.0.0.24FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.1FF - prefs.js..extensions.enabledItems: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}:4.0FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p="FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008-12-29 21:42:29 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009-01-30 19:19:08 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-06-23 22:00:18 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-07-01 12:34:54 | 00,000,000 | ---D | M][2008-11-27 16:15:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions[2008-11-27 16:15:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-07-19 13:33:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\8swvf1xo.default\extensions[2009-06-07 19:13:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\Firefox\Profiles\8swvf1xo.default\extensions\NPDyyno@dyyno.com[2009-07-19 13:33:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-06-19 19:06:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}[2009-06-12 21:45:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2008-12-25 02:21:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}[2008-12-29 21:42:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}[2009-06-19 19:06:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\search@searchsettings.com[2009-06-12 21:44:55 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-06-12 21:44:55 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2008-12-29 21:42:28 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll[2009-06-15 11:14:40 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npganymedenet.dll[2009-06-12 21:44:58 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml[2009-06-19 19:06:55 | 00,000,780 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xmlO1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1       localhostO2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL (MyWebSearch.com)O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)O2 - BHO: (XML Class) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\System32\msxml71.dll ()O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (Zango) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Value error. File not foundO2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)O3 - HKLM\..\Toolbar: (Zango) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Value error. File not foundO4 - HKLM..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe ()O4 - HKLM..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe (MB-Soft)O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME)O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)O4 - HKLM..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Spigot, Inc.)O4 - HKLM..\Run: [soundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKU\s-1-5-21-1614895754-1644491937-839522115-500..\Run: [Cognac] C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\a.exe ()O4 - HKU\s-1-5-21-1614895754-1644491937-839522115-500..\Run: [ja minimizer] C:\Documents and Settings\Administrator\Pulpit\ja_minimizer\ja minimizer\ja minimizer.exe File not foundO4 - HKU\s-1-5-21-1614895754-1644491937-839522115-500..\Run: [kamsoft] C:\WINDOWS\System32\kamsoft.exe File not foundO4 - HKU\s-1-5-21-1614895754-1644491937-839522115-500..\Run: [OscarEditor] C:\Program Files\OSCAR Editor\OscarEditor.exe ()O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\hamachi.lnk = D:\Program Files\Hamachi\hamachi.exe (LogMeIn Inc.)O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\MultiRes [2009-06-12 18:25:33 | 00,000,000 | ---D | M]O4 - Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\rncsys32.exe ()O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKU\.default\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\s-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\s-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\s-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\s-1-5-21-1614895754-1644491937-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab (Reg Error: Key error.)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_11)O18 - Protocol\Handler\alaplaya {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - C:\WINDOWS\System32\alading.dll ()O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)O20 - AppInit_DLLs: (C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\67572468553mxx.dll) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\67572468553mxx.dll ()O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\secpol.exe) - C:\WINDOWS\System32\secpol.exe File not foundO20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO27 - HKLM IFEO\dailybucks_install.exe: Debugger - C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\db.EXE File not foundO29 - HKLM SecurityProviders - (digiwet.dll) -  File not foundO31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2008-09-23 11:03:49 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O32 - AutoRun File - [2008-03-31 10:08:02 | 00,000,082 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]O32 - AutoRun File - [2003-11-05 01:24:02 | 00,467,456 | R--- | M] (BioWare Corp.) - F:\autorun.exe -- [ CDFS ]O32 - AutoRun File - [2003-11-05 04:19:16 | 00,000,693 | R--- | M] () - F:\autorun.inf -- [ CDFS ]O32 - AutoRun File - [2002-03-12 13:13:35 | 00,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - G:\autorun.exe -- [ CDFS ]O32 - AutoRun File - [2002-03-12 13:13:36 | 00,000,044 | R--- | M] () - G:\autorun.inf -- [ CDFS ]O32 - AutoRun File - [2002-03-12 13:13:36 | 00,000,991 | R--- | M] () - G:\autorun.ini -- [ CDFS ]O32 - AutoRun File - [2002-03-07 19:55:00 | 00,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - I:\autorun.exe -- [ CDFS ]O32 - AutoRun File - [2003-07-01 16:35:28 | 00,000,049 | R--- | M] () - I:\autorun.inf -- [ CDFS ]O32 - AutoRun File - [2003-07-07 18:44:28 | 00,000,990 | R--- | M] () - I:\autorun.ini -- [ CDFS ]O33 - MountPoints2\{d9b05720-577b-11de-bb76-4d6564696130}\Shell\AutoRun\command - "" = J:\2u.com -- File not foundO33 - MountPoints2\{d9b05720-577b-11de-bb76-4d6564696130}\Shell\explore\Command - "" = J:\2u.com -- File not foundO33 - MountPoints2\{d9b05720-577b-11de-bb76-4d6564696130}\Shell\open\Command - "" = J:\2u.com -- File not foundO34 - HKLM BootExecute: (autocheck) -  File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) -  File not foundO34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()========== Files/Folders - Created Within 30 Days ==========[3 C:\WINDOWS\System32\*.tmp files][2009-07-19 16:41:54 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe[2009-07-19 16:40:37 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Błąd.bmp[2009-07-19 15:58:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\1C2E[2009-07-18 16:00:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\md2_demo(2)[2009-07-18 15:13:39 | 98,721,054 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\md2_demo(2).zip[2009-07-18 00:49:18 | 13,880,335 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\spycheck_antispyware(2).zip[2009-07-18 00:27:23 | 00,000,000 | ---D | C] -- C:\Program Files\Hydra Networks[2009-07-18 00:23:22 | 13,880,335 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\spycheck_antispyware.zip[2009-07-17 22:00:25 | 00,135,684 | ---- | C] () -- C:\WINDOWS\msb.exe[2009-07-17 21:42:57 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\crash[2009-07-17 14:16:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\121F[2009-07-17 12:35:13 | 00,000,300 | -H-- | C] () -- C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job[2009-07-17 01:08:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Nowy Archiwum WinRAR-a (ZIP)[2009-07-17 01:04:41 | 00,051,508 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip[2009-07-16 22:25:23 | 00,030,323 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\md2_demo.zip[2009-07-16 22:25:15 | 61,522,158 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\md2_demo.zip.part[2009-07-16 21:30:59 | 00,000,530 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\hamachi.lnk[2009-07-16 21:30:22 | 01,013,456 | ---- | C] (LogMeIn Inc.) -- C:\Documents and Settings\Administrator\Pulpit\HamachiSetup-1.0.3.0-pl.exe[2009-07-16 19:51:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\3B33C[2009-07-15 03:43:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\d_e[2009-07-15 03:27:15 | 11,754,5528 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\d_e.zip[2009-07-14 22:10:51 | 00,203,264 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\3390_Polkadot.thm[2009-07-14 18:54:27 | 00,232,960 | ---- | C] () -- C:\WINDOWS\odb.exe[2009-07-14 18:54:26 | 00,279,552 | ---- | C] () -- C:\WINDOWS\lsass.exe[2009-07-14 18:54:26 | 00,232,960 | ---- | C] () -- C:\WINDOWS\svc.exe[2009-07-14 18:54:26 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec[2009-07-13 00:15:01 | 00,042,237 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Saints Row 2.torrent[2009-07-12 23:00:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Mount&Blade Savegames[2009-07-12 22:56:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mount&Blade[2009-07-12 22:21:01 | 00,100,060 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\5033429576_22_0.pdf[2009-07-11 03:29:13 | 00,000,032 | ---- | C] () -- C:\WINDOWS\Chronicles.INI[2009-07-11 01:48:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\The Path[2009-07-11 01:48:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\The Path[2009-07-10 17:21:16 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Adviser[2009-07-10 14:48:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\25203[2009-07-10 13:11:45 | 00,000,530 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\hamachi.lnk[2009-07-10 01:52:15 | 00,036,032 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\a4cd493a5166570253f17c8ffb25bb52a235e21c.torrent[2009-07-10 01:50:56 | 00,038,172 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\67222db29f374e057fbc2eb2a24c81dc2e7d5bdd.torrent[2009-07-10 01:47:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\2A3D8[2009-07-09 20:49:04 | 00,000,000 | ---D | C] -- C:\Program Files\DX-Ball[2009-07-09 18:17:09 | 00,204,800 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\ojpenhanced.rar[2009-07-09 18:07:20 | 00,049,152 | ---- | C] (BlueByte Co.) -- C:\Documents and Settings\Administrator\Pulpit\Jed Academy Minimizer.exe[2009-07-09 11:43:50 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\f3f160da.sys[2009-07-08 17:18:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\14203[2009-07-08 00:02:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\10AB[2009-07-07 23:53:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\CoD2Wallhackv1.2[2009-07-07 17:08:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\2A128[2009-07-07 03:02:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\1399[2009-07-06 22:55:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\19109[2009-07-05 18:16:19 | 00,122,880 | ---- | C] () -- C:\WINDOWS\msa.exe[2009-07-05 18:16:06 | 00,000,256 | -H-- | C] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job[2009-07-05 18:15:49 | 00,209,412 | ---- | C] () -- C:\WINDOWS\System32\msxml71.dll[2009-07-05 18:14:19 | 00,032,768 | ---- | C] () -- C:\ygfiabv.exe[2009-07-05 18:14:17 | 00,201,700 | ---- | C] () -- C:\lysg.exe[2009-07-05 18:14:15 | 00,000,002 | ---- | C] () -- C:\-1939311003[2009-07-02 21:26:08 | 00,041,808 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll[2009-07-02 21:08:00 | 00,000,104 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Internet.lnk[2009-07-01 12:35:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\GanymedeNet[2009-07-01 12:34:32 | 00,000,000 | ---D | C] -- C:\Program Files\Ganymede[2009-06-27 14:21:26 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\vidccleaner.exe[2009-06-27 14:21:23 | 00,000,663 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Samsung Master.lnk[2009-06-27 14:20:43 | 00,217,088 | ---- | C] (STOIK Software) -- C:\WINDOWS\System32\skjpeg40.dll[2009-06-27 14:20:42 | 00,083,968 | ---- | C] (STOIK Software Ltd.) -- C:\WINDOWS\System32\Skbase40.dll[2009-06-27 14:20:39 | 00,000,000 | ---D | C] -- C:\Program Files\Samsung[2009-06-21 20:22:54 | 00,000,396 | ---- | C] () -- C:\WINDOWS\tasks\NSSstub.job[2009-06-19 19:08:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings[2009-06-19 19:08:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Dealio[2009-06-19 19:06:54 | 00,000,000 | ---D | C] -- C:\Program Files\Search Settings[2009-06-19 19:06:15 | 00,000,000 | ---D | C] -- C:\Program Files\Dealio Toolbar[2009-06-19 19:06:12 | 00,000,900 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Free Mp3 Wma Converter.lnk[2009-06-19 19:06:08 | 00,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX[2009-06-19 19:06:07 | 00,516,173 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP60D.DLL[2009-06-19 19:06:07 | 00,385,100 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCRTD.DLL[2009-06-19 19:06:03 | 00,479,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioVisu.dll[2009-06-19 19:06:03 | 00,454,656 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioRecord.dll[2009-06-19 19:06:03 | 00,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll[2009-06-19 19:06:03 | 00,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx[2009-06-19 19:06:02 | 01,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll[2009-06-19 19:06:02 | 01,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll[2009-06-19 19:06:02 | 00,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll[2009-06-19 19:06:02 | 00,417,792 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDisplay.dll[2009-06-19 19:06:01 | 02,084,864 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDesign.dll[2009-06-19 19:06:01 | 00,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL[2009-06-19 19:06:01 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL[2009-06-19 19:06:01 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL[2009-06-19 19:06:00 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL[2009-06-19 19:05:57 | 00,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX[2009-06-19 19:05:57 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL[2009-06-19 19:05:57 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll[2009-06-19 19:05:56 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL[2009-06-19 19:05:55 | 00,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll[2009-06-19 19:05:55 | 00,000,000 | ---D | C] -- C:\Program Files\Free Audio Pack[2009-06-15 21:25:20 | 00,000,871 | ---- | C] () -- C:\WINDOWS\QIII.INI[2009-06-12 18:25:00 | 00,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini[2009-05-01 01:09:10 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini[2009-04-13 16:05:07 | 00,000,154 | ---- | C] () -- C:\WINDOWS\adidsl.ini[2009-04-13 16:05:07 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini[2009-04-13 16:05:00 | 00,000,998 | ---- | C] () -- C:\WINDOWS\adiras.ini[2009-04-13 16:04:57 | 00,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll[2009-04-13 16:04:55 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll[2009-01-07 17:24:03 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini[2009-01-05 17:38:12 | 00,032,256 | ---- | C] () -- C:\WINDOWS\System32\alading.dll[2008-12-30 19:19:28 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI[2008-11-27 17:35:49 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll[2008-10-10 19:39:51 | 00,000,298 | ---- | C] () -- C:\WINDOWS\thug2.ini[2008-10-04 18:03:20 | 00,000,729 | ---- | C] () -- C:\WINDOWS\Ulead32.ini[2008-09-27 16:42:27 | 00,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys[2008-09-27 16:42:26 | 00,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys[2008-09-27 15:58:33 | 00,139,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys[2008-09-24 21:07:02 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys[2008-09-24 21:07:02 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys[2008-09-24 15:19:32 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini[2008-09-24 15:18:56 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2008-09-24 13:44:28 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll[2008-09-24 13:44:28 | 00,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll[2008-09-24 13:44:28 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll[2008-09-24 13:44:28 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\libfaac.dll[2008-09-24 13:44:26 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll[2008-09-24 13:29:37 | 00,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini[2008-09-24 13:17:41 | 00,001,266 | ---- | C] () -- C:\WINDOWS\wincmd.ini[2008-09-23 14:25:00 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini[2008-09-23 14:24:54 | 00,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll[2007-10-12 23:20:06 | 00,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll[2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll[2007-07-23 09:03:32 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll[2007-07-23 09:03:30 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll[2007-03-29 23:00:40 | 00,203,264 | ---- | C] () -- C:\WINDOWS\System32\CddbCdda.dll[2004-08-22 17:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll[2004-08-04 00:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll[2003-04-08 11:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI[2002-10-03 14:42:27 | 00,000,034 | ---- | C] () -- C:\WINDOWS\Q3version.ini[2002-09-29 00:00:00 | 00,000,573 | ---- | C] () -- C:\WINDOWS\win.ini[2002-09-29 00:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini========== Files - Modified Within 30 Days ==========[3 C:\WINDOWS\System32\*.tmp files][4 C:\WINDOWS\*.tmp files][2009-07-19 16:53:11 | 00,083,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\f3f160da.sys[2009-07-19 16:41:56 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe[2009-07-19 16:40:38 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Błąd.bmp[2009-07-19 16:39:58 | 00,000,300 | -H-- | M] () -- C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job[2009-07-19 16:00:19 | 00,000,256 | -H-- | M] () -- C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job[2009-07-19 13:20:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-07-19 13:19:51 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-07-18 16:22:30 | 00,139,584 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys[2009-07-18 16:21:56 | 00,189,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr[2009-07-18 16:21:56 | 00,189,104 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe[2009-07-18 15:34:39 | 98,721,054 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\md2_demo(2).zip[2009-07-18 00:49:26 | 13,880,335 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\spycheck_antispyware(2).zip[2009-07-18 00:25:19 | 13,880,335 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\spycheck_antispyware.zip[2009-07-17 22:00:10 | 00,135,684 | ---- | M] () -- C:\WINDOWS\msb.exe[2009-07-17 21:42:57 | 00,004,096 | ---- | M] () -- C:\WINDOWS\System32\crash[2009-07-17 01:04:43 | 00,051,508 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Nowy Archiwum WinRAR-a (ZIP).zip[2009-07-17 01:03:11 | 00,030,323 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\md2_demo.zip[2009-07-16 22:35:42 | 61,522,158 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\md2_demo.zip.part[2009-07-16 21:30:59 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys[2009-07-16 21:30:59 | 00,000,530 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\hamachi.lnk[2009-07-16 21:30:59 | 00,000,530 | ---- | M] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\hamachi.lnk[2009-07-16 21:30:29 | 01,013,456 | ---- | M] (LogMeIn Inc.) -- C:\Documents and Settings\Administrator\Pulpit\HamachiSetup-1.0.3.0-pl.exe[2009-07-15 03:43:49 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini[2009-07-15 03:43:17 | 11,754,5528 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\d_e.zip[2009-07-14 22:10:51 | 00,203,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\3390_Polkadot.thm[2009-07-14 18:54:24 | 00,232,960 | ---- | M] () -- C:\WINDOWS\svc.exe[2009-07-14 18:54:24 | 00,232,960 | ---- | M] () -- C:\WINDOWS\odb.exe[2009-07-14 18:54:23 | 00,279,552 | ---- | M] () -- C:\WINDOWS\lsass.exe[2009-07-14 03:20:38 | 03,184,282 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db[2009-07-14 03:07:05 | 00,100,352 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-07-13 00:15:06 | 00,042,237 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Saints Row 2.torrent[2009-07-12 22:21:01 | 00,100,060 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\5033429576_22_0.pdf[2009-07-12 14:45:12 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-07-12 01:52:38 | 00,000,032 | ---- | M] () -- C:\WINDOWS\Chronicles.INI[2009-07-10 01:52:16 | 00,036,032 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\a4cd493a5166570253f17c8ffb25bb52a235e21c.torrent[2009-07-10 01:51:01 | 00,038,172 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\67222db29f374e057fbc2eb2a24c81dc2e7d5bdd.torrent[2009-07-09 18:17:28 | 00,204,800 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\ojpenhanced.rar[2009-07-09 18:07:23 | 00,049,152 | ---- | M] (BlueByte Co.) -- C:\Documents and Settings\Administrator\Pulpit\Jed Academy Minimizer.exe[2009-07-07 02:22:16 | 00,461,238 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat[2009-07-07 02:22:16 | 00,404,104 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat[2009-07-07 02:22:16 | 00,080,664 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat[2009-07-07 02:22:16 | 00,063,324 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat[2009-07-07 02:22:15 | 01,021,220 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI[2009-07-06 18:51:20 | 00,000,000 | ---- | M] () -- C:\testwma.raw[2009-07-05 18:16:02 | 00,122,880 | ---- | M] () -- C:\WINDOWS\msa.exe[2009-07-05 18:15:49 | 00,209,412 | ---- | M] () -- C:\WINDOWS\System32\msxml71.dll[2009-07-05 18:14:21 | 00,032,768 | ---- | M] () -- C:\ygfiabv.exe[2009-07-05 18:14:19 | 00,201,700 | ---- | M] () -- C:\lysg.exe[2009-07-05 18:14:17 | 00,000,002 | ---- | M] () -- C:\-1939311003[2009-07-02 21:26:08 | 00,041,808 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll[2009-07-02 21:08:00 | 00,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Internet.lnk[2009-06-27 14:21:23 | 00,000,663 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Samsung Master.lnk[2009-06-21 23:22:15 | 00,000,396 | ---- | M] () -- C:\WINDOWS\tasks\NSSstub.job[2009-06-19 19:06:12 | 00,000,900 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Free Mp3 Wma Converter.lnk[2009-06-19 19:05:53 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx========== LOP Check ==========[2009-07-12 22:56:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji[2009-01-28 15:02:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\23doors[2009-04-11 18:55:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ace[2008-12-31 18:19:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ahead[2008-09-24 13:43:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ATI[2008-12-29 16:55:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\AutoUpdate[2009-06-19 19:08:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Dealio[2009-07-01 12:36:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\GanymedeNet[2009-07-19 13:22:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Hamachi[2008-12-08 15:49:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ImgBurn[2009-07-08 12:25:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ipla[2008-12-29 16:55:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Listonosz[2008-11-27 15:05:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mikrotik[2009-07-12 23:55:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mount&Blade[2009-01-30 19:20:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nokia[2009-04-25 22:15:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu[2008-12-29 16:55:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Onet[2008-11-28 01:23:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera[2009-01-30 19:19:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\PC Suite[2009-02-07 19:52:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Petroglyph[2009-06-19 19:08:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings[2009-03-05 20:26:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SecuROM[2008-10-19 12:40:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SPORE[2009-05-26 00:17:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sports Interactive[2009-07-17 22:41:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\teamspeak2[2009-07-11 15:44:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\The Path[2009-07-18 18:02:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent[2009-07-18 18:02:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Xfire[2009-06-01 16:16:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\ZipZag[2009-07-19 15:58:28 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-04-23 12:13:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\0177[2008-12-26 14:11:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\02EB[2009-05-22 17:10:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\0BB[2008-12-12 00:29:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\10398[2009-07-08 00:02:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\10AB[2009-06-10 18:08:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1128[2009-03-04 21:01:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\11F[2009-07-17 14:16:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\121F[2009-05-22 17:09:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\13119[2009-01-31 01:58:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\13373[2009-04-25 01:32:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\135D[2009-07-07 03:02:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1399[2009-05-24 01:46:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\13D8[2009-07-08 17:18:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\14203[2009-02-13 16:36:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\142EE[2009-06-12 15:02:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\142F2[2009-01-15 22:22:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\153E[2009-02-21 13:11:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\159C[2009-03-07 16:19:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\161D4[2009-03-10 16:30:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1635B[2009-01-11 21:15:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\17196[2009-07-06 22:55:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\19109[2009-02-12 23:39:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\19203[2009-05-17 11:58:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1A1D4[2009-04-18 13:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1B1F4[2009-04-25 21:52:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1B232[2009-07-19 15:58:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1C2E[2009-05-28 19:37:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D1F[2008-12-25 02:57:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D34B[2009-03-09 16:49:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1D3D3[2009-04-19 01:34:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1E13C[2008-12-11 21:43:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1E1B4[2009-04-13 13:10:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\1F31C[2008-12-11 21:31:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\201F2[2008-12-27 23:53:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\202E[2009-01-17 12:03:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\208C[2009-05-20 17:30:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\208D[2008-12-12 00:30:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\20E[2009-06-03 10:59:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\211A5[2009-04-29 10:35:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\225D[2009-01-13 16:02:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\22DA[2008-12-11 23:48:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\234C[2009-05-26 13:25:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\239C[2008-12-20 19:56:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\24148[2009-05-01 00:33:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\24271[2009-05-19 15:57:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\24FE[2009-07-10 14:48:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\25203[2009-04-12 17:11:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2538A[2009-04-11 15:35:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\253C8[2009-03-18 00:23:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\27109[2009-01-07 19:03:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2736B[2009-02-10 14:02:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\28242[2009-03-18 10:44:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\28280[2009-05-23 14:57:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\29138[2009-04-11 20:38:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\29213[2009-06-10 08:53:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\292CE[2009-04-17 22:53:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\29C[2009-07-07 17:08:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A128[2009-05-24 22:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A1C5[2009-04-20 23:42:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A222[2009-05-11 16:27:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A278[2009-04-21 16:04:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A3B9[2009-07-10 01:47:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2A3D8[2009-02-22 13:41:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2AF8[2009-05-30 21:36:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2B251[2009-04-14 12:19:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2B2CE[2009-06-03 11:03:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2C5D[2009-03-20 16:42:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2D242[2009-01-11 23:44:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2DBoy[2008-12-27 03:47:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2E2EE[2009-05-18 22:55:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2E3C8[2009-03-03 20:30:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2EA[2009-05-23 15:35:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2F29F[2009-06-13 16:28:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\2F34B[2009-03-07 12:58:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\301B5[2009-05-02 17:24:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\302AF[2009-03-10 20:59:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\311C5[2009-05-02 17:29:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\31213[2008-12-12 00:15:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\322EC[2008-12-25 23:58:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3237A[2009-05-25 22:58:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3251[2009-05-15 20:52:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\33167[2009-05-23 18:27:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\334B[2008-12-23 18:10:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\34148[2009-05-11 17:27:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\34278[2009-04-27 13:42:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\343B9[2009-05-11 16:48:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\351CD[2009-05-01 22:29:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3531C[2009-01-05 23:39:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\35FA[2009-05-02 01:36:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\362AF[2009-04-12 08:14:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\362BF[2009-04-12 16:30:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3633C[2008-12-31 15:53:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\371E4[2008-12-26 13:33:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\38290[2009-04-12 13:14:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\38BB[2008-12-27 20:44:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\392CE[2009-05-10 18:47:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3933C[2009-04-26 13:54:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3B1A0[2009-07-16 19:51:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\3B33C[2009-05-20 20:05:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\41B5[2009-03-05 20:07:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\4232[2009-06-08 09:51:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\4CB[2009-03-19 17:17:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\51E4[2009-05-11 17:28:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\5278[2009-01-13 20:40:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\5399[2009-05-24 13:24:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\631C[2009-03-19 22:19:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\63A9[2008-12-24 15:02:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\6DA[2008-12-19 20:17:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\7109[2009-05-16 13:56:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\72DE[2009-03-09 15:43:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\72FF[2009-05-25 22:11:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\734B[2009-05-01 00:26:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\76D[2008-12-12 00:18:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\82CD[2009-03-21 00:07:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\92AF[2009-03-17 00:03:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A1C8[2009-05-11 23:12:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\A3C8[2008-12-23 16:07:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ahead[2008-09-24 13:43:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI[2009-01-09 20:12:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B2DE[2008-12-12 00:06:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\B398[2009-06-14 19:09:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard[2009-01-16 17:56:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BVRP Software[2009-05-02 17:30:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C186[2009-01-12 15:54:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C271[2009-01-23 15:26:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C4E[2009-05-06 17:24:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C8C[2008-12-26 17:26:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\C9A[2009-05-24 22:46:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CAB[2008-10-22 22:33:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Codemasters[2008-09-24 13:31:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink[2008-09-24 13:31:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DVD Shrink[2009-03-15 23:41:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\E36B[2009-01-27 20:33:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\E4E[2008-09-24 15:20:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET[2009-02-21 23:42:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\F1AA[2009-05-18 13:39:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\F32C[2009-01-30 19:17:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations[2009-05-12 17:05:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla[2009-01-30 19:19:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite[2008-12-29 18:53:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Startup Manager[2009-07-18 15:57:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP[2008-09-23 12:52:39 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-01-04 18:17:24 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Julia\Dane aplikacji[2009-01-04 18:16:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Julia\Dane aplikacji\ATI[2009-01-14 15:40:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-01-14 15:40:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Xfire[2008-11-27 16:06:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2008-11-27 16:06:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Xfire[2002-09-29 00:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-06-21 23:22:15 | 00,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\NSSstub.job[2009-07-19 13:20:06 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT[2009-07-19 16:00:19 | 00,000,256 | -H-- | M] () -- C:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job[2009-07-19 16:39:58 | 00,000,300 | -H-- | M] () -- C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job========== Purity Check ==================== Alternate Data Streams ==========@Alternate Data Stream - 362 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF< End of report >
Gość
komentarz
komentarz

Widze duzo trojanow, robakow i Rootkita.

Na te wirusy jest najlepszy ComboFix, daj z niego loga. ;)

.

Nightmareee
komentarz
komentarz

Oto log z ComboFixa:

ComboFix 09-07-19.01 - Administrator 2009-07-19 19:57.1.1 - NTFSx86Microsoft Windows XP Professional  5.1.2600.2.1250.48.1045.18.1023.545 [GMT 2:00]Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exeAV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} * Utworzono nowy punkt przywracania.(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).C:\-1939311003c:\docume~1\ADMINI~1\USTAWI~1\Temp\67572468553mxx.dllc:\documents and settings\Administrator\Dane aplikacji\wiaserva.logc:\documents and settings\Administrator\Menu Start\Programy\Autostart\rncsys32.exec:\documents and settings\Administrator\Ustawienia lokalne\Temp\67572468553mxx.dllc:\program files\Dealio Toolbarc:\program files\Dealio Toolbar\config.inic:\program files\Dealio Toolbar\DealioToolbarIE.dllc:\program files\Dealio Toolbar\Res\amazon.gifc:\program files\Dealio Toolbar\Res\apple.gifc:\program files\Dealio Toolbar\Res\barnes.gifc:\program files\Dealio Toolbar\Res\bestbuy.gifc:\program files\Dealio Toolbar\Res\dealio_logo.gifc:\program files\Dealio Toolbar\Res\dealio_logo_hover.gifc:\program files\Dealio Toolbar\Res\ebay.gifc:\program files\Dealio Toolbar\Res\icon_settings.gifc:\program files\Dealio Toolbar\Res\macys.gifc:\program files\Dealio Toolbar\Res\newegg.gifc:\program files\Dealio Toolbar\Res\overstock.gifc:\program files\Dealio Toolbar\Res\search-button-hover.gifc:\program files\Dealio Toolbar\Res\search-button.gifc:\program files\Dealio Toolbar\Res\search-chevron-hover.gifc:\program files\Dealio Toolbar\Res\search-chevron.gifc:\program files\Dealio Toolbar\Res\search_amazon.gifc:\program files\Dealio Toolbar\Res\search_dealio.gifc:\program files\Dealio Toolbar\Res\search_ebay.gifc:\program files\Dealio Toolbar\Res\search_yahoo.gifc:\program files\Dealio Toolbar\Res\separator.gifc:\program files\Dealio Toolbar\Res\target.gifc:\program files\Dealio Toolbar\Res\walmart.gifc:\program files\Dealio Toolbar\Res\widgets.xmlc:\program files\Dealio Toolbar\SearchSettingsKit.exec:\program files\Dealio Toolbar\WidgiHelper.exec:\program files\Microsoft Security Adviserc:\program files\Microsoft Security Adviser\msctrl.logc:\program files\Microsoft Security Adviser\mssadv.logc:\program files\MyWebSearchc:\program files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLLc:\program files\Search Settingsc:\program files\Search Settings\kb128\SearchSettings.dllc:\program files\Search Settings\kb128\SearchSettingsRes409.dllc:\program files\Search Settings\SearchSettings.exec:\windows\lsass.exec:\windows\msa.exec:\windows\odb.exec:\windows\svc.exec:\windows\system32\4548.exec:\windows\system32\drivers\f3f160da.sysc:\windows\system32\Drivers\ip_fw.sysc:\windows\system32\lowsecc:\windows\system32\lowsec\local.dsc:\windows\system32\lowsec\user.dsc:\windows\system32\msxml71.dllc:\windows\system32\sdra64.exec:\windows\system32\tmp73.tmpc:\windows\system32\tmp74.tmpc:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.jobc:\windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.jobD:\install.exe.(((((((((((((((((((((((((((((((((((((((   Sterowniki/Usługi   ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_IPFW-------\Legacy_IP_FW-------\Service_f3f160da-------\Service_glaide32-------\Service_ip_fw-------\Service_ipfw(((((((((((((((((((((((((   Pliki utworzone od 2009-06-19 do 2009-07-19  ))))))))))))))))))))))))))))))).2009-07-19 13:58 . 2009-07-19 13:58	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\1C2E2009-07-17 22:27 . 2009-07-17 22:27	65536	----a-r-	c:\documents and settings\Administrator\Dane aplikacji\Microsoft\Installer\{A6F4DE62-BA95-45B5-B27D-39E5ABB4E77D}\NewShortcut1_6D307F405A8B42488CCA5C8E4FA8753B.exe2009-07-17 22:27 . 2009-07-17 22:27	10134	----a-r-	c:\documents and settings\Administrator\Dane aplikacji\Microsoft\Installer\{A6F4DE62-BA95-45B5-B27D-39E5ABB4E77D}\ARPPRODUCTICON.exe2009-07-17 22:27 . 2009-07-17 22:27	--------	d-----w-	c:\program files\Hydra Networks2009-07-17 20:00 . 2009-07-17 20:00	135684	----a-w-	c:\windows\msb.exe2009-07-17 12:16 . 2009-07-17 12:16	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\121F2009-07-16 17:51 . 2009-07-16 17:51	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\3B33C2009-07-12 20:56 . 2009-07-12 21:55	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Mount&Blade2009-07-10 23:48 . 2009-07-11 13:44	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\The Path2009-07-10 18:16 . 2009-07-10 18:16	--------	d-----w-	c:\windows\system32\wbem\Repository2009-07-10 12:48 . 2009-07-10 12:48	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\252032009-07-09 23:47 . 2009-07-09 23:47	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2A3D82009-07-09 18:49 . 2009-07-09 18:49	--------	d-----w-	c:\program files\DX-Ball2009-07-08 15:18 . 2009-07-08 15:18	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\142032009-07-07 22:02 . 2009-07-07 22:02	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\10AB2009-07-07 15:08 . 2009-07-07 15:08	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2A1282009-07-07 01:02 . 2009-07-07 01:02	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\13992009-07-06 20:55 . 2009-07-06 20:55	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\191092009-07-05 16:14 . 2009-07-05 16:14	32768	----a-w-	C:\ygfiabv.exe2009-07-05 16:14 . 2009-07-05 16:14	201700	----a-w-	C:\lysg.exe2009-07-05 15:03 . 2009-07-05 15:03	--------	d-s---w-	c:\documents and settings\Administrator\UserData2009-07-02 19:26 . 2009-07-02 19:26	41808	----a-w-	c:\windows\system32\xfcodec.dll2009-07-01 10:35 . 2009-07-01 10:36	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\GanymedeNet2009-07-01 10:34 . 2009-07-01 10:35	--------	d-----w-	c:\program files\Ganymede2009-06-27 12:21 . 2004-03-09 09:39	8704	----a-w-	c:\windows\system32\vidccleaner.exe2009-06-27 12:20 . 1998-07-09 18:41	217088	----a-w-	c:\windows\system32\skjpeg40.dll2009-06-27 12:20 . 1998-03-04 09:40	83968	----a-w-	c:\windows\system32\Skbase40.dll2009-06-27 12:20 . 2009-06-27 12:20	--------	d-----w-	c:\program files\Samsung.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-07-19 18:05 . 2008-12-01 15:14	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Hamachi2009-07-18 16:02 . 2008-09-27 10:56	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Xfire2009-07-18 16:02 . 2008-11-27 15:55	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\uTorrent2009-07-18 14:22 . 2008-09-27 13:58	139584	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys2009-07-18 14:21 . 2008-09-27 13:58	189104	----a-w-	c:\windows\system32\PnkBstrB.exe2009-07-18 13:57 . 2008-10-28 19:37	--------	d---a-w-	c:\documents and settings\All Users\Dane aplikacji\TEMP2009-07-17 20:41 . 2008-11-27 18:04	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\teamspeak22009-07-16 19:30 . 2008-12-01 15:14	25280	----a-w-	c:\windows\system32\drivers\hamachi.sys2009-07-16 01:47 . 2008-09-27 10:56	--------	d-s---w-	c:\program files\Xfire2009-07-13 00:33 . 2008-12-29 16:53	--------	d-----w-	c:\program files\Startup Manager2009-07-11 23:57 . 2008-09-23 12:24	--------	d--h--w-	c:\program files\InstallShield Installation Information2009-07-08 10:25 . 2009-04-20 11:06	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\ipla2009-07-07 00:22 . 2002-09-28 22:00	80664	----a-w-	c:\windows\system32\perfc015.dat2009-07-07 00:22 . 2002-09-28 22:00	461238	----a-w-	c:\windows\system32\perfh015.dat2009-06-19 17:08 . 2009-06-19 17:08	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Search Settings2009-06-19 17:08 . 2009-06-19 17:08	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Dealio2009-06-19 17:06 . 2009-06-19 17:05	--------	d-----w-	c:\program files\Free Audio Pack2009-06-18 16:30 . 2008-12-25 00:21	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Skype2009-06-18 16:04 . 2008-12-25 00:22	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\skypePM2009-06-15 19:31 . 2009-06-15 19:30	--------	d-----w-	c:\program files\Mplayer2009-06-15 19:29 . 2009-06-15 19:29	--------	d-----w-	c:\program files\Quake III Arena2009-06-15 11:54 . 2009-06-15 11:53	--------	d-----w-	c:\program files\Nowe Gadu-Gadu2009-06-14 17:09 . 2009-06-14 17:09	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\Blizzard2009-06-14 14:14 . 2009-06-14 14:14	--------	d-----w-	c:\program files\Blade2009-06-13 14:28 . 2009-06-13 14:28	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2F34B2009-06-12 16:25 . 2009-06-12 16:25	--------	d-----w-	c:\program files\MultiRes2009-06-12 16:24 . 2009-06-12 16:24	472576	----a-w-	c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe2009-06-12 16:24 . 2009-06-12 16:24	--------	d-----w-	c:\program files\Radeon Omega Drivers2009-06-12 15:10 . 2008-10-18 17:13	22328	-c--a-w-	c:\documents and settings\Administrator\Dane aplikacji\PnkBstrK.sys2009-06-12 15:10 . 2008-10-18 17:13	22328	-c--a-w-	c:\documents and settings\Administrator\Dane aplikacji\PnkBstrK.sys2009-06-12 15:10 . 2008-10-18 17:12	682280	-c--a-w-	c:\windows\system32\pbsvc.exe2009-06-12 13:02 . 2009-06-12 13:02	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\142F22009-06-11 13:26 . 2009-06-11 13:24	--------	d-----w-	c:\program files\Matematyka 20042009-06-10 18:55 . 2009-06-10 18:54	--------	d-----w-	c:\program files\Anti-Blaxx2009-06-10 16:08 . 2009-06-10 16:08	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\11282009-06-10 06:53 . 2009-06-10 06:53	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\292CE2009-06-09 21:11 . 2008-09-27 13:58	75064	----a-w-	c:\windows\system32\PnkBstrA.exe2009-06-08 07:51 . 2009-06-08 07:51	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\4CB2009-06-03 09:03 . 2009-06-03 09:03	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2C5D2009-06-03 08:59 . 2009-06-03 08:59	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\211A52009-06-01 14:17 . 2009-06-01 14:16	--------	d-----w-	c:\program files\ZipZag2009-06-01 14:16 . 2009-06-01 14:16	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\ZipZag2009-05-30 19:36 . 2009-05-30 19:36	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2B2512009-05-28 17:37 . 2009-05-28 17:37	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\1D1F2009-05-28 09:23 . 2009-05-28 09:23	42088	----a-w-	c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll2009-05-28 08:34 . 2009-05-28 08:34	11264	----a-w-	c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll2009-05-26 11:25 . 2009-05-26 11:25	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\239C2009-05-25 22:17 . 2009-05-25 22:17	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Sports Interactive2009-05-25 20:58 . 2009-05-25 20:58	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\32512009-05-25 20:11 . 2009-05-25 20:11	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\734B2009-05-24 20:52 . 2009-05-24 20:52	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2A1C52009-05-24 20:46 . 2009-05-24 20:46	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\CAB2009-05-24 11:24 . 2009-05-24 11:24	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\631C2009-05-23 23:46 . 2009-05-23 23:46	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\13D82009-05-23 16:27 . 2009-05-23 16:27	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\334B2009-05-23 13:35 . 2009-05-23 13:35	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\2F29F2009-05-23 12:57 . 2009-05-23 12:57	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\291382009-05-22 15:10 . 2009-05-22 15:10	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\0BB2009-05-22 15:09 . 2009-05-22 15:09	--------	d-----w-	c:\documents and settings\All Users\Dane aplikacji\131192009-06-12 19:44 . 2008-11-27 14:14	134648	----a-w-	c:\program files\mozilla firefox\components\brwsrcmp.dll.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"OscarEditor"="c:\program files\OSCAR Editor\OscarEditor.exe" [2008-07-30 2865152]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]"AAWTray"="c:\program files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 88024]"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600]"Anti-Blaxx Manager"="c:\program files\Anti-Blaxx\Anti-Blaxx.exe" [2005-10-08 212992]"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-12-22 77824]"AtiPTA"="atiptaxx.exe" - c:\windows\system32\atiptaxx.exe [2006-02-22 344064][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]c:\documents and settings\Administrator\Menu Start\Programy\Autostart\hamachi.lnk - d:\program files\Hamachi\hamachi.exe [2009-7-16 625952]c:\documents and settings\Administrator\Menu Start\Programy\Autostart\MultiResMultiRes.lnk - c:\program files\MultiRes\MultiRes.exe [2006-9-12 54784]c:\documents and settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-4-13 962661][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver"[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^Alaplaya Launcher.lnk]backup=c:\windows\pss\Alaplaya Launcher.lnkStartuppath=c:\documents and settings\Administrator\Menu Start\Programy\Autostart\Alaplaya Launcher.lnk[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^Xfire.lnk]backup=c:\windows\pss\Xfire.lnkStartuppath=c:\documents and settings\Administrator\Menu Start\Programy\Autostart\Xfire.lnk[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="d:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"="c:\\Program Files\\Xfire\\Xfire.exe"="c:\\Program Files\\eMule\\emule.exe"="c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"="c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"="c:\\WINDOWS\\system32\\java.exe"="c:\\Program Files\\alaplaya\\S4League\\S4Client.exe"="d:\\Downloads\\AgeOfEmpiresII\\AgeOfEmpires II\\empires2.exe"="d:\\Downloads\\AgeOfEmpiresII\\AgeOfEmpires II\\age2_x1.exe"="d:\\Program Files\\Call of Duty 2\\Call of Duty 2\\CoD2MP_s.exe"="c:\\Program Files\\Xfire\\dppm_source.exe"="d:\\Program Files\\LucasArts\\Star Wars Republic Commando\\GameData\\System\\SWRepublicCommando.exe"="c:\\Program Files\\uTorrent\\uTorrent.exe"="d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="c:\\Documents and Settings\\Administrator\\Ustawienia lokalne\\Dane aplikacji\\Dyyno Receiver\\DPPM.exe"="d:\\Program Files\\Quake III Arena\\quake3.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724"52368:TCP"= 52368:TCP:utorrent.comS3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-01-16 89256]S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-01-16 15016]S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-01-16 120744]S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-01-16 114216]S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-01-16 25512]S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-01-16 110632]S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-01-16 115752].Zawartość folderu 'Zaplanowane zadania'2009-06-21 c:\windows\Tasks\NSSstub.job- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-06-21 18:22].- - - - USUNIĘTO PUSTE WPISY - - - -BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\DealioToolbarIE.dllToolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\DealioToolbarIE.dllHKCU-Run-ja minimizer - c:\documents and settings\Administrator\Pulpit\ja_minimizer\ja minimizer\ja minimizer.exeHKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe.------- Skan uzupełniający -------.IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000TCP: {C07E4FFC-9E62-47DA-90E3-E2AF776D11CB} = 213.241.79.37 83.238.255.76Handler: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - c:\windows\system32\alading.dllFF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\8swvf1xo.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://pl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:officialFF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dllFF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dllFF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dllFF - plugin: c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\8swvf1xo.default\extensions\NPDyyno@dyyno.com\plugins\npDyyno.dllFF - plugin: c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dllFF - plugin: c:\program files\Opera\program\plugins\npganymedenet.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-07-19 20:05Windows 5.1.2600 Dodatek Service Pack 2 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(864)c:\windows\system32\Ati2evxx.dll- - - - - - - > 'explorer.exe'(3368)c:\windows\system32\msi.dll.------------------------ Pozostałe uruchomione procesy ------------------------.c:\windows\system32\ati2evxx.exec:\windows\system32\ati2evxx.exec:\program files\Lavasoft\Ad-Aware 2007\aawservice.exec:\program files\Avira\AntiVir PersonalEdition Classic\sched.exec:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exec:\program files\Nero\Nero 7\InCD\InCDsrv.exec:\program files\Java\jre6\bin\jqs.exec:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEc:\windows\system32\PnkBstrA.exec:\windows\system32\PnkBstrB.exec:\windows\system32\wdfmgr.exec:\windows\system32\wscntfy.exec:\windows\system32\wbem\wmiapsrv.exe.**************************************************************************.Czas ukończenia: 2009-07-19 20:13 - komputer został uruchomiony ponownieComboFix-quarantined-files.txt  2009-07-19 18:13Przed: 13 760 978 944 bajtów wolnychPo: 13 751 320 576 bajtów wolnychWindowsXP-KB310994-SP2-Pro-BootDisk-PLK.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer311
Gość
komentarz
komentarz

1. Zamknij robaczywe porty przy pomocy --> Windows Worms Doors Cleaner.

Ustaw znaczki na zielono, Netbios może być na żółto.

Po użyciu narzędzia wymagany jest restart.!

2. Wklej do Notatnika:

File::c:\windows\msb.exeC:\ygfiabv.exeC:\lysg.exec:\program files\mozilla firefox\components\brwsrcmp.dllc:\documents and settings\Administrator\Menu Start\Programy\Autostart\MultiResMultiRes.lnkFolder::c:\documents and settings\All Users\Dane aplikacji\1C2Ec:\documents and settings\All Users\Dane aplikacji\121Fc:\documents and settings\All Users\Dane aplikacji\3B33Cc:\documents and settings\All Users\Dane aplikacji\25203c:\documents and settings\All Users\Dane aplikacji\2A3D8c:\documents and settings\All Users\Dane aplikacji\14203c:\documents and settings\All Users\Dane aplikacji\10ABc:\documents and settings\All Users\Dane aplikacji\2A128c:\documents and settings\All Users\Dane aplikacji\1399c:\documents and settings\All Users\Dane aplikacji\19109c:\documents and settings\Administrator\Dane aplikacji\GanymedeNetc:\program files\Ganymedec:\documents and settings\Administrator\Dane aplikacji\Search Settingsc:\documents and settings\Administrator\Dane aplikacji\Dealioc:\documents and settings\All Users\Dane aplikacji\Blizzardc:\program files\Bladec:\documents and settings\All Users\Dane aplikacji\2F34Bc:\program files\MultiResc:\documents and settings\All Users\Dane aplikacji\142F2c:\documents and settings\All Users\Dane aplikacji\1128c:\documents and settings\All Users\Dane aplikacji\292CEc:\documents and settings\All Users\Dane aplikacji\4CBc:\documents and settings\All Users\Dane aplikacji\2C5Dc:\documents and settings\All Users\Dane aplikacji\211A5c:\documents and settings\All Users\Dane aplikacji\2B251c:\documents and settings\All Users\Dane aplikacji\1D1Fc:\documents and settings\All Users\Dane aplikacji\239Cc:\documents and settings\All Users\Dane aplikacji\3251c:\documents and settings\All Users\Dane aplikacji\734Bc:\documents and settings\All Users\Dane aplikacji\2A1C5c:\documents and settings\All Users\Dane aplikacji\CABc:\documents and settings\All Users\Dane aplikacji\631Cc:\documents and settings\All Users\Dane aplikacji\13D8c:\documents and settings\All Users\Dane aplikacji\334Bc:\documents and settings\All Users\Dane aplikacji\2F29Fc:\documents and settings\All Users\Dane aplikacji\29138c:\documents and settings\All Users\Dane aplikacji\0BBc:\documents and settings\All Users\Dane aplikacji\13119

>>Plik>>Zapisz jako... >>> CFScript

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe

-->cfscriptb5b4me3.gif

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

.

Nightmareee
komentarz
komentarz

Hmm przy zapisz jako jest opcja: Kodowanie ANSI czy jakos tak - to zmienic czy nie?

Psycholandia
komentarz
komentarz

Zostawiasz ANSI.

Zapisz jako: Dokumenty tekstowe (*.txt)

Nightmareee
komentarz
komentarz

Hm no dobra robie tak jak doradził twój przedmówca, lecz to mi zaczyna skanować znowu a jak sam pisał powinno zacząć się usuwać -.-

MarekM25
komentarz
komentarz

Zrób po prostu ten skrypt i daj log z combofixa to chyba nie jest takie mocno skomplikowane:P

Nightmareee
komentarz
komentarz

Dobra tu jest log:

ComboFix 09-07-19.02 - Administrator 2009-07-19 23:22.3.1 - NTFSx86Microsoft Windows XP Professional  5.1.2600.2.1250.48.1045.18.1023.564 [GMT 2:00]Uruchomiony z: c:\documents and settings\Administrator\Pulpit\ComboFix.exeUżyto następujących komend :: c:\documents and settings\Administrator\Pulpit\CFScript.txtAV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}FILE ::"c:\documents and settings\Administrator\Menu Start\Programy\Autostart\MultiResMultiRes.lnk""C:\lysg.exe""c:\program files\mozilla firefox\components\brwsrcmp.dll""c:\windows\msb.exe""C:\ygfiabv.exe".(((((((((((((((((((((((((((((((((((((((   Usunięto   ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\Administrator\Dane aplikacji\Dealioc:\documents and settings\Administrator\Dane aplikacji\Dealio\temp\WTFF-14444.logc:\documents and settings\Administrator\Dane aplikacji\Search Settingsc:\documents and settings\Administrator\Dane aplikacji\Search Settings\kb128\temp\ws-14444.logc:\program files\Dealio Toolbar.(((((((((((((((((((((((((   Pliki utworzone od 2009-06-19 do 2009-07-19  ))))))))))))))))))))))))))))))).2009-07-17 22:27 . 2009-07-17 22:27	65536	----a-r-	c:\documents and settings\Administrator\Dane aplikacji\Microsoft\Installer\{A6F4DE62-BA95-45B5-B27D-39E5ABB4E77D}\NewShortcut1_6D307F405A8B42488CCA5C8E4FA8753B.exe2009-07-17 22:27 . 2009-07-17 22:27	10134	----a-r-	c:\documents and settings\Administrator\Dane aplikacji\Microsoft\Installer\{A6F4DE62-BA95-45B5-B27D-39E5ABB4E77D}\ARPPRODUCTICON.exe2009-07-17 22:27 . 2009-07-17 22:27	--------	d-----w-	c:\program files\Hydra Networks2009-07-17 19:42 . 2009-07-17 19:42	--------	d-----w-	c:\windows\system32\config\systemprofile\Dane aplikacji\ATI2009-07-17 19:42 . 2009-07-17 19:42	--------	d-----w-	c:\windows\system32\config\systemprofile\Dane aplikacji\Xfire2009-07-12 20:56 . 2009-07-12 21:55	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Mount&Blade2009-07-10 23:48 . 2009-07-11 13:44	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\The Path2009-07-10 18:16 . 2009-07-10 18:16	--------	d-----w-	c:\windows\system32\wbem\Repository2009-07-09 18:49 . 2009-07-09 18:49	--------	d-----w-	c:\program files\DX-Ball2009-07-05 15:03 . 2009-07-05 15:03	--------	d-s---w-	c:\documents and settings\Administrator\UserData2009-07-02 19:26 . 2009-07-02 19:26	41808	----a-w-	c:\windows\system32\xfcodec.dll2009-06-27 12:21 . 2004-03-09 09:39	8704	----a-w-	c:\windows\system32\vidccleaner.exe2009-06-27 12:20 . 1998-07-09 18:41	217088	----a-w-	c:\windows\system32\skjpeg40.dll2009-06-27 12:20 . 1998-03-04 09:40	83968	----a-w-	c:\windows\system32\Skbase40.dll2009-06-27 12:20 . 2009-06-27 12:20	--------	d-----w-	c:\program files\Samsung.((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   )))))))))))))))))))))))))))))))))))))))))))))))))))).2009-07-19 20:54 . 2008-12-01 15:14	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Hamachi2009-07-19 19:22 . 2008-09-27 10:56	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Xfire2009-07-19 19:06 . 2008-09-27 13:58	139584	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys2009-07-19 19:06 . 2008-09-27 13:58	189104	----a-w-	c:\windows\system32\PnkBstrB.exe2009-07-18 16:02 . 2008-11-27 15:55	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\uTorrent2009-07-18 13:57 . 2008-10-28 19:37	--------	d---a-w-	c:\documents and settings\All Users\Dane aplikacji\TEMP2009-07-17 20:41 . 2008-11-27 18:04	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\teamspeak22009-07-16 19:30 . 2008-12-01 15:14	25280	----a-w-	c:\windows\system32\drivers\hamachi.sys2009-07-16 01:47 . 2008-09-27 10:56	--------	d-s---w-	c:\program files\Xfire2009-07-13 00:33 . 2008-12-29 16:53	--------	d-----w-	c:\program files\Startup Manager2009-07-11 23:57 . 2008-09-23 12:24	--------	d--h--w-	c:\program files\InstallShield Installation Information2009-07-08 10:25 . 2009-04-20 11:06	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\ipla2009-07-07 00:22 . 2002-09-28 22:00	80664	----a-w-	c:\windows\system32\perfc015.dat2009-07-07 00:22 . 2002-09-28 22:00	461238	----a-w-	c:\windows\system32\perfh015.dat2009-06-19 17:06 . 2009-06-19 17:05	--------	d-----w-	c:\program files\Free Audio Pack2009-06-18 16:30 . 2008-12-25 00:21	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Skype2009-06-18 16:04 . 2008-12-25 00:22	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\skypePM2009-06-15 19:31 . 2009-06-15 19:30	--------	d-----w-	c:\program files\Mplayer2009-06-15 19:29 . 2009-06-15 19:29	--------	d-----w-	c:\program files\Quake III Arena2009-06-15 11:54 . 2009-06-15 11:53	--------	d-----w-	c:\program files\Nowe Gadu-Gadu2009-06-12 16:24 . 2009-06-12 16:24	472576	----a-w-	c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe2009-06-12 16:24 . 2009-06-12 16:24	--------	d-----w-	c:\program files\Radeon Omega Drivers2009-06-12 15:10 . 2008-10-18 17:13	22328	-c--a-w-	c:\documents and settings\Administrator\Dane aplikacji\PnkBstrK.sys2009-06-12 15:10 . 2008-10-18 17:13	22328	-c--a-w-	c:\documents and settings\Administrator\Dane aplikacji\PnkBstrK.sys2009-06-12 15:10 . 2008-10-18 17:12	682280	-c--a-w-	c:\windows\system32\pbsvc.exe2009-06-11 13:26 . 2009-06-11 13:24	--------	d-----w-	c:\program files\Matematyka 20042009-06-10 18:55 . 2009-06-10 18:54	--------	d-----w-	c:\program files\Anti-Blaxx2009-06-09 21:11 . 2008-09-27 13:58	75064	----a-w-	c:\windows\system32\PnkBstrA.exe2009-06-01 14:17 . 2009-06-01 14:16	--------	d-----w-	c:\program files\ZipZag2009-06-01 14:16 . 2009-06-01 14:16	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\ZipZag2009-05-28 09:23 . 2009-05-28 09:23	42088	----a-w-	c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll2009-05-28 08:34 . 2009-05-28 08:34	11264	----a-w-	c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dll2009-05-25 22:17 . 2009-05-25 22:17	--------	d-----w-	c:\documents and settings\Administrator\Dane aplikacji\Sports Interactive.(((((((((((((((((((((((((((((   SnapShot@2009-07-19_18.07.03   ))))))))))))))))))))))))))))))))))))))))).+ 2009-07-19 20:54 . 2009-07-19 20:54	16384			  c:\windows\Temp\Perflib_Perfdata_164.dat.(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"OscarEditor"="c:\program files\OSCAR Editor\OscarEditor.exe" [2008-07-30 2865152]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]"AAWTray"="c:\program files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 88024]"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600]"Anti-Blaxx Manager"="c:\program files\Anti-Blaxx\Anti-Blaxx.exe" [2005-10-08 212992]"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-12-22 77824]"AtiPTA"="atiptaxx.exe" - c:\windows\system32\atiptaxx.exe [2006-02-22 344064][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]c:\documents and settings\Administrator\Menu Start\Programy\Autostart\hamachi.lnk - d:\program files\Hamachi\hamachi.exe [2009-7-16 625952]c:\documents and settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-4-13 962661][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver"[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^Alaplaya Launcher.lnk]backup=c:\windows\pss\Alaplaya Launcher.lnkStartuppath=c:\documents and settings\Administrator\Menu Start\Programy\Autostart\Alaplaya Launcher.lnk[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^Xfire.lnk]backup=c:\windows\pss\Xfire.lnkStartuppath=c:\documents and settings\Administrator\Menu Start\Programy\Autostart\Xfire.lnk[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="d:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"="c:\\Program Files\\Xfire\\Xfire.exe"="c:\\Program Files\\eMule\\emule.exe"="c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"="c:\\Program Files\\Nowe Gadu-Gadu\\gg.exe"="c:\\WINDOWS\\system32\\java.exe"="c:\\Program Files\\alaplaya\\S4League\\S4Client.exe"="d:\\Downloads\\AgeOfEmpiresII\\AgeOfEmpires II\\empires2.exe"="d:\\Downloads\\AgeOfEmpiresII\\AgeOfEmpires II\\age2_x1.exe"="d:\\Program Files\\Call of Duty 2\\Call of Duty 2\\CoD2MP_s.exe"="c:\\Program Files\\Xfire\\dppm_source.exe"="d:\\Program Files\\LucasArts\\Star Wars Republic Commando\\GameData\\System\\SWRepublicCommando.exe"="c:\\Program Files\\uTorrent\\uTorrent.exe"="d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="c:\\Documents and Settings\\Administrator\\Ustawienia lokalne\\Dane aplikacji\\Dyyno Receiver\\DPPM.exe"="d:\\Program Files\\Quake III Arena\\quake3.exe"="c:\\Program Files\\Skype\\Phone\\Skype.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724"52368:TCP"= 52368:TCP:utorrent.comS3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-01-16 89256]S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-01-16 15016]S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-01-16 120744]S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-01-16 114216]S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-01-16 25512]S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-01-16 110632]S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-01-16 115752]..------- Skan uzupełniający -------.IE: E&ksport do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000TCP: {C07E4FFC-9E62-47DA-90E3-E2AF776D11CB} = 213.241.79.37 83.238.255.76Handler: alaplaya - {60E6FD61-FA26-4706-BF07-C55B3A49E66C} - c:\windows\system32\alading.dllFF - ProfilePath - c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\8swvf1xo.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://pl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:officialFF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dllFF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dllFF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dllFF - plugin: c:\documents and settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\8swvf1xo.default\extensions\NPDyyno@dyyno.com\plugins\npDyyno.dllFF - plugin: c:\documents and settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu\_userdata\npgg.1.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npganymedenet.dllFF - plugin: c:\program files\Opera\program\plugins\npganymedenet.dll.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2009-07-19 23:29Windows 5.1.2600 Dodatek Service Pack 2 NTFSskanowanie ukrytych procesów ...  skanowanie ukrytych wpisów autostartu ... skanowanie ukrytych plików ...  skanowanie pomyślnie ukończoneukryte pliki: 0**************************************************************************.--------------------- Pliki DLL ładowane pod uruchomionymi procesami ---------------------- - - - - - - > 'winlogon.exe'(856)c:\windows\system32\Ati2evxx.dll.Czas ukończenia: 2009-07-19 23:33ComboFix-quarantined-files.txt  2009-07-19 21:32ComboFix2.txt  2009-07-19 20:24ComboFix3.txt  2009-07-19 18:13Przed: 13 986 697 216 bajtów wolnychPo: 13 954 912 256 bajtów wolnych183

Lecz... jest to log z drugiego użycia ComboFixa ze skryptem, lecz wcześniej po ponad półgodzinnej pracy combofixa, gdy już się wyświetlił log, nagle ni stąd ni z owąd, czarny ekran i kochany komputer <3 sam się zresetował @_@.

Gość
komentarz
komentarz

W logu nic nie widze.

1. Posprzątaj po ComboFixie i różnych narzędziach >>> OTCleanIt.

2. Użyj programu Malwarebytes.

Wciskamy Skanuj, wybieramy dyski do skanowania i Rozpoczynamy skanowanie, na końcu wciskamy Usuń zaznaczone jak będą i Ok.

Wrzuć wygenerowany raport po usuwaniu MBAMem.

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.