x-kom hosting

win32.brontok - logi

bonek
utworzono
utworzono

Mam problem z win32.brontok . nie umiem tego usunąć. o to logi. Mówice co mam robic jak dziecku bo jestem w tym zielony

OTL logfile created on: 2009-07-22 00:09:32 - Run 1OTL by OldTimer - Version 3.0.9.2	 Folder = C:\Documents and Settings\Bonek\PulpitWindows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18702)Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd1023,36 Mb Total Physical Memory | 574,34 Mb Available Physical Memory | 56,12% Memory free2,40 Gb Paging File | 2,00 Gb Available in Paging File | 83,29% Paging File freePaging file location(s): C:\pagefile.sys 1536 3072 [binary data]%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program FilesDrive C: | 77,62 Gb Total Space | 53,46 Gb Free Space | 68,87% Space Free | Partition Type: NTFSDrive D: | 77,62 Gb Total Space | 54,88 Gb Free Space | 70,70% Space Free | Partition Type: NTFSDrive E: | 77,64 Gb Total Space | 47,88 Gb Free Space | 61,67% Space Free | Partition Type: NTFSF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedComputer Name: BONEK-1347134A7Current User Name: BonekLogged in as Administrator.Current Boot Mode: NormalScan Mode: All usersCompany Name Whitelist: OnSkip Microsoft Files: OffFile Age = 30 DaysOutput = Standard========== Processes (SafeList) ==========PRC - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exePRC - [2009-04-09 15:19:08 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exePRC - [2009-06-01 10:48:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exePRC - [2007-03-22 04:50:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exePRC - [2008-04-14 22:51:18 | 00,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXEPRC - [2006-12-15 04:59:12 | 00,217,088 | R--- | M] (TODO: <Company name>) -- C:\WINDOWS\System32\winsys2.exePRC - [2002-04-29 21:49:45 | 00,188,416 | ---- | M] (HP) -- C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exePRC - [2006-04-09 19:31:44 | 00,061,440 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Keyboard\Ikeymain.exePRC - [2009-04-09 15:17:56 | 02,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exePRC - [2009-06-01 10:48:55 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exePRC - [2002-03-19 17:30:00 | 00,045,632 | ---- | M] () -- C:\WINDOWS\System32\taskswitch.exePRC - [2006-12-12 22:46:52 | 00,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXEPRC - [2006-12-12 22:46:54 | 00,020,480 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTXFIHLP.EXEPRC - [2009-04-10 19:29:08 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exePRC - [2006-12-12 22:43:58 | 00,842,240 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\CTXFISPI.EXEPRC - [2009-01-17 16:48:08 | 05,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- C:\Program Files\Tlen.pl\tlen.exePRC - [2008-04-14 22:51:32 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exePRC - [2009-07-21 22:26:51 | 00,043,180 | ---- | M] (http://www.softella.com/) -- C:\WINDOWS\System32\drivers\svchost.exePRC - [2009-02-26 10:49:18 | 00,099,328 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exePRC - [2009-07-22 00:08:32 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bonek\Pulpit\OTL.exe========== Win32 Services (SafeList) ==========SRV - [2008-07-25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])SRV - [2006-02-28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])SRV - [2008-07-25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])SRV - [2009-04-09 15:29:20 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])SRV - [2009-04-09 15:19:08 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn [Auto | Running])SRV - [2009-06-09 19:34:19 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])SRV - [2008-07-29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])SRV - [2008-04-14 22:50:46 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])SRV - [2008-07-29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped])SRV - [2008-04-15 00:50:34 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\irmon.dll -- (Irmon [Auto | Running])SRV - [2009-06-01 10:48:55 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])SRV - [2008-07-29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])SRV - [2007-03-22 04:50:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])SRV - [2003-07-28 21:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])SRV - [2006-12-01 11:46:28 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])========== Driver Services (SafeList) ==========DRV - [2005-03-09 08:53:00 | 00,036,352 | R--- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8 [system | Running])DRV - [2006-12-14 13:29:26 | 00,511,288 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctac32k.sys -- (ctac32k [On_Demand | Running])DRV - [2006-12-14 13:29:30 | 00,521,272 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctaud2k.sys -- (ctaud2k [On_Demand | Running])DRV - [2006-12-14 13:29:36 | 00,347,144 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctdvda2k.sys -- (ctdvda2k [On_Demand | Stopped])DRV - [2006-12-14 13:29:54 | 00,014,648 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctprxy2k.sys -- (ctprxy2k [On_Demand | Running])DRV - [2006-12-14 13:30:20 | 00,156,984 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctsfm2k.sys -- (ctsfm2k [On_Demand | Running])DRV - [2009-04-09 15:10:30 | 00,113,960 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon [Auto | Running])DRV - [2009-04-09 15:18:02 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv [system | Running])DRV - [2006-12-14 13:30:38 | 00,090,936 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\emupia2k.sys -- (emupia [On_Demand | Running])DRV - [2009-04-09 15:21:06 | 00,133,000 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfw.sys -- (epfw [Auto | Running])DRV - [2009-04-09 15:21:10 | 00,033,096 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Running])DRV - [2009-04-09 15:21:12 | 00,055,768 | ---- | M] (ESET) -- C:\WINDOWS\System32\DRIVERS\epfwtdi.sys -- (epfwtdi [system | Running])DRV - [2006-12-14 13:30:44 | 01,160,504 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ha20x2k.sys -- (ha20x2k [On_Demand | Running])DRV - [2001-08-17 23:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\irsir.sys -- (irsir [On_Demand | Running])DRV - [2007-03-22 04:50:00 | 06,704,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running])DRV - [2006-05-16 13:25:00 | 00,052,736 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\NVENETFD.sys -- (NVENETFD [On_Demand | Running])DRV - [2006-05-16 13:25:02 | 00,018,944 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nvnetbus.sys -- (nvnetbus [On_Demand | Running])DRV - [2006-12-14 13:29:46 | 00,128,312 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctoss2k.sys -- (ossrv [On_Demand | Running])DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])DRV - [2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])DRV - [2009-07-13 16:24:54 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running])========== Standard Registry (SafeList) ==================== Internet Explorer ==========IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-onsIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRiskIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157IE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896IE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://go.microsoft.com/fwlink/?linkid=69157 [binary data]IE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpageIE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pl.msn.com/?ocid=iehpIE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = plIE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 58 DA 00 66 FA C9 01  [binary data]IE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\S-1-5-21-1547161642-1801674531-1401443257-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\S-1-5-21-1547161642-1801674531-1401443257-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local========== FireFox ==========FF - prefs.js..browser.startup.homepage: "http://www.daemon-search.com/startpage"FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-06-01 10:04:01 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-01 10:48:56 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-06-30 09:53:23 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-06-30 09:53:15 | 00,000,000 | ---D | M]FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird[2009-06-30 09:53:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\mozilla\Extensions[2009-06-30 09:53:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}[2009-07-21 10:46:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\mozilla\Firefox\Profiles\qosfks78.default\extensions[2009-07-13 16:26:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\mozilla\Firefox\Profiles\qosfks78.default\extensions\DTToolbar@toolbarnet.com[2009-07-13 16:26:35 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\Bonek\Dane aplikacji\Mozilla\FireFox\Profiles\qosfks78.default\searchplugins\daemon-search.xml[2009-06-30 09:53:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions[2009-06-30 09:53:15 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2009-06-03 10:17:54 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll[2009-06-03 10:17:54 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll[2009-06-03 10:17:54 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll[2006-06-03 18:43:22 | 00,000,896 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml[2008-04-03 19:19:08 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml[2008-04-16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml[2007-03-31 19:11:54 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml[2006-06-03 18:43:22 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml[2008-03-28 23:36:04 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml[2007-01-05 13:40:56 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xmlO1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\HostsO1 - Hosts: 127.0.0.1	   localhostO2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll (kikin)O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O3 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe ()O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe (HP)O4 - HKLM..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe (A4Tech Co.,Ltd.)O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)O4 - HKLM..\Run: [sW20] C:\WINDOWS\System32\sw20.exe ()O4 - HKLM..\Run: [sW24] C:\WINDOWS\System32\sw24.exe ()O4 - HKLM..\Run: [updReg] C:\WINDOWS\UpdReg.EXE (Creative Technology Ltd.)O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (Creative Technology Ltd)O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe (TODO: <Company name>)O4 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)O4 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003..\Run: [sVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe (http://www.softella.com/)O4 - HKU\.DEFAULT..\RunOnce: [nltide_2]  File not foundO4 - HKU\S-1-5-18..\RunOnce: [nltide_2]  File not foundO4 - Startup: C:\Documents and Settings\Bonek\Menu Start\Programy\Autostart\RapidUploader.exe.lnk = D:\Image Grabber\RapidUploader.exe ()O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O7 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323O7 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1O7 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863O7 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm ()O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm ()O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll (kikin)O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_13)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.250O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\ipp - No CLSID value foundO18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp - No CLSID value foundO18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)O18 - Protocol\Filter:  - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:HomeO28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)O31 - SafeBoot: AlternateShell - cmd.exeO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2009-06-01 09:25:37 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O34 - HKLM BootExecute: (autocheck) -  File not foundO34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)O34 - HKLM BootExecute: (*) -  File not found========== Files/Folders - Created Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][4 C:\WINDOWS\*.tmp files][2009-07-22 00:08:27 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bonek\Pulpit\OTL.exe[2009-07-21 23:51:00 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe[2009-07-21 23:50:58 | 00,219,648 | ---- | C] () -- C:\WINDOWS\PEV.exe[2009-07-21 23:50:58 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe[2009-07-21 23:50:58 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe[2009-07-21 23:50:58 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe[2009-07-21 23:50:58 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe[2009-07-21 23:50:57 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe[2009-07-21 23:50:57 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe[2009-07-21 23:50:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT[2009-07-21 23:50:45 | 00,422,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF28752.exe[2009-07-21 23:50:45 | 00,000,000 | --SD | C] -- C:\ComboFix[2009-07-21 23:50:31 | 00,000,000 | ---D | C] -- C:\Qoobox[2009-07-21 22:39:35 | 00,002,119 | ---- | C] () -- C:\Documents and Settings\Bonek\Dane aplikacji\7Nlo7EbWat.gif[2009-07-21 22:39:35 | 00,000,607 | ---- | C] () -- C:\Documents and Settings\Bonek\Dane aplikacji\7Nlo7EbWzn.gif[2009-07-21 22:39:35 | 00,000,598 | ---- | C] () -- C:\Documents and Settings\Bonek\Dane aplikacji\7Nlo7EbWby.gif[2009-07-21 22:37:31 | 00,020,480 | ---- | C] (RapidShare AG) -- C:\Documents and Settings\Bonek\Pulpit\RSMInit.exe[2009-07-21 22:26:54 | 00,043,180 | ---- | C] (http://www.softella.com/) -- C:\WINDOWS\System32\drivers\svchost.exe[2009-07-21 22:26:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Dane aplikacji\Google[2009-07-21 20:57:30 | 00,220,185 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\Aston_Martin-V12_Vantage_2010_1600x1200_wallpaper_01.jpg[2009-07-19 17:17:09 | 00,685,338 | ---- | C] () -- C:\Program Files\unins000.exe[2009-07-19 17:17:09 | 00,001,227 | ---- | C] () -- C:\Program Files\unins000.dat[2009-07-19 17:17:09 | 00,000,000 | ---D | C] -- C:\Program Files\Nexus[2009-07-19 17:13:11 | 00,000,000 | ---D | C] -- C:\Program Files\reFX[2009-07-18 18:00:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun[2009-07-16 22:16:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Pulpit\bbcode_manager_204[2009-07-16 20:44:57 | 00,000,459 | -H-- | C] () -- C:\Documents and Settings\Bonek\Pulpit\Lea18.avi.ini[2009-07-16 19:22:11 | 17,655,2390 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\Lubava.avi[2009-07-15 18:29:48 | 00,000,000 | ---D | C] -- C:\Program Files\Damian Pasternak[2009-07-14 17:36:24 | 00,000,500 | ---- | C] () -- C:\Documents and Settings\Bonek\Menu Start\Programy\Autostart\RapidUploader.exe.lnk[2009-07-14 16:35:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Dane aplikacji\WindowsApplication1[2009-07-14 16:35:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\Deployment[2009-07-14 15:03:45 | 00,000,000 | ---D | C] -- C:\Program Files\Forum Poster 3[2009-07-14 12:23:48 | 04,001,773 | ---- | C] () -- C:\Documents and Settings\Bonek\Moje dokumenty\FileZilla_3.2.6.1_win32-setup.exe[2009-07-13 23:01:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Pulpit\Auto Poster[2009-07-13 17:34:31 | 00,000,000 | ---D | C] -- C:\1[2009-07-13 17:27:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Moje dokumenty\Max Payne 2 Savegames[2009-07-13 17:21:19 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll[2009-07-13 17:18:15 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc71.dll[2009-07-13 17:11:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Moje dokumenty\Rockstar Games[2009-07-13 16:57:43 | 00,000,000 | ---D | C] -- C:\Program Files\AutoConnect[2009-07-13 16:56:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\Rockstar Games[2009-07-13 16:56:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft[2009-07-13 16:53:23 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Bonek\Dane aplikacji\SecuROM[2009-07-13 16:53:09 | 00,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll[2009-07-13 16:52:33 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll[2009-07-13 16:52:33 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll[2009-07-13 16:52:31 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll[2009-07-13 16:52:30 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll[2009-07-13 16:52:28 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll[2009-07-13 16:52:28 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll[2009-07-13 16:52:27 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll[2009-07-13 16:52:26 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll[2009-07-13 16:52:25 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll[2009-07-13 16:52:24 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll[2009-07-13 16:52:21 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll[2009-07-13 16:52:19 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll[2009-07-13 16:52:19 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll[2009-07-13 16:52:18 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll[2009-07-13 16:52:16 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll[2009-07-13 16:52:15 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll[2009-07-13 16:52:15 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll[2009-07-13 16:52:13 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll[2009-07-13 16:52:12 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll[2009-07-13 16:52:12 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll[2009-07-13 16:52:10 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll[2009-07-13 16:52:10 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll[2009-07-13 16:52:09 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll[2009-07-13 16:52:05 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll[2009-07-13 16:52:03 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll[2009-07-13 16:52:03 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll[2009-07-13 16:52:01 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll[2009-07-13 16:52:01 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll[2009-07-13 16:52:01 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll[2009-07-13 16:52:01 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll[2009-07-13 16:52:00 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll[2009-07-13 16:52:00 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll[2009-07-13 16:52:00 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll[2009-07-13 16:52:00 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll[2009-07-13 16:52:00 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll[2009-07-13 16:51:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs[2009-07-13 16:51:04 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll[2009-07-13 16:51:04 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll[2009-07-13 16:51:03 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll[2009-07-13 16:51:01 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll[2009-07-13 16:50:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive[2009-07-13 16:50:45 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE[2009-07-13 16:28:38 | 00,000,000 | ---D | C] -- C:\Program Files\Rockstar Games[2009-07-13 16:26:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-07-13 16:26:35 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar[2009-07-13 16:26:31 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite[2009-07-13 16:24:53 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys[2009-07-13 16:24:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Dane aplikacji\DAEMON Tools Lite[2009-07-11 16:18:57 | 07,081,473 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\09-We Made You.mp3[2009-07-10 12:10:12 | 00,000,000 | ---D | C] -- C:\Program Files\PIC Corporation[2009-07-10 11:30:21 | 04,292,472 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\fergie - big girls don`t cry.mp3[2009-07-05 19:01:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\ESET[2009-07-04 09:29:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Pulpit\upload[2009-06-30 09:54:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Pulpit\podreczniki na rok 2009_2010 tzn _ by aziskyyyy[2009-06-30 09:53:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat[2009-06-30 09:53:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\Mozilla[2009-06-30 09:53:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Dane aplikacji\Mozilla[2009-06-30 09:53:17 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk[2009-06-30 09:53:13 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox[2009-06-29 21:15:18 | 00,000,712 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\VPX.PL Uploader.lnk[2009-06-29 21:15:17 | 00,000,000 | ---D | C] -- C:\Program Files\VPX.PL Uploader[2009-06-29 20:27:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Dane aplikacji\FileZilla[2009-06-29 20:10:34 | 00,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client[2009-06-29 12:32:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\GHISLER[2009-06-27 22:23:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Bonek\Pulpit\JDownloader 0.6.193[2009-06-27 21:47:09 | 04,149,112 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\dj smash - volna.mp3[2009-06-27 21:34:14 | 03,799,698 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\lenka - the show.mp3[2009-06-27 21:18:50 | 03,079,136 | ---- | C] () -- C:\Documents and Settings\Bonek\Pulpit\britney spears - circus.mp3[2009-06-26 14:24:31 | 00,000,000 | ---D | C] -- C:\jzk[2009-06-22 21:19:35 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBSTOR.SYS[2009-06-22 21:19:35 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys[2009-06-08 14:11:47 | 00,000,168 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini[2009-06-08 14:09:53 | 00,001,914 | ---- | C] () -- C:\WINDOWS\wincmd.ini[2009-06-02 18:50:31 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI[2009-06-01 13:34:04 | 00,066,610 | ---- | C] () -- C:\WINDOWS\System32\hpxfi.ini[2009-06-01 13:34:04 | 00,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL[2009-06-01 13:34:04 | 00,000,050 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini[2009-06-01 13:20:57 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL[2009-06-01 13:20:57 | 00,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll[2009-06-01 13:20:54 | 00,000,269 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI[2009-06-01 09:40:14 | 00,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini[2009-06-01 09:32:48 | 00,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll[2009-06-01 09:32:46 | 00,479,232 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll[2009-06-01 09:32:46 | 00,462,848 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll[2009-06-01 09:32:46 | 00,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll[2009-06-01 09:32:45 | 00,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys[2009-06-01 09:32:45 | 00,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys[2008-10-22 05:29:06 | 00,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat[2008-05-26 22:22:36 | 00,016,222 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini[2008-05-26 22:22:34 | 00,021,728 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini[2008-05-26 22:22:32 | 00,016,164 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini[2007-03-22 04:50:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll[2007-03-22 04:50:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll[2007-03-22 04:50:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll[2007-03-22 04:50:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll[2007-03-22 04:50:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll[2003-04-08 12:40:22 | 00,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI[2002-03-19 18:30:00 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\mag.dll[2002-03-19 17:30:00 | 00,141,824 | ---- | C] () -- C:\WINDOWS\System32\msvdm.dll[2001-07-22 00:16:20 | 00,000,624 | ---- | C] () -- C:\WINDOWS\win.ini[2001-07-22 00:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini========== Files - Modified Within 30 Days ==========[1 C:\WINDOWS\System32\*.tmp files][4 C:\WINDOWS\*.tmp files][2009-07-22 00:08:32 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bonek\Pulpit\OTL.exe[2009-07-21 23:58:21 | 00,002,119 | ---- | M] () -- C:\Documents and Settings\Bonek\Dane aplikacji\7Nlo7EbWat.gif[2009-07-21 23:58:21 | 00,000,607 | ---- | M] () -- C:\Documents and Settings\Bonek\Dane aplikacji\7Nlo7EbWzn.gif[2009-07-21 23:58:21 | 00,000,598 | ---- | M] () -- C:\Documents and Settings\Bonek\Dane aplikacji\7Nlo7EbWby.gif[2009-07-21 23:57:38 | 00,000,053 | ---- | M] () -- C:\biosinfo[2009-07-21 23:57:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT[2009-07-21 23:57:19 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat[2009-07-21 23:56:46 | 00,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000000-00001102-00000005-00331102}.rfx[2009-07-21 23:56:46 | 00,054,536 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000000-00001102-00000005-00331102}.rfx[2009-07-21 23:56:46 | 00,054,536 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000000-00001102-00000005-00331102}.rfx[2009-07-21 23:56:46 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm[2009-07-21 23:56:46 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm[2009-07-21 23:50:27 | 00,422,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF28752.exe[2009-07-21 22:37:31 | 00,020,480 | ---- | M] (RapidShare AG) -- C:\Documents and Settings\Bonek\Pulpit\RSMInit.exe[2009-07-21 22:26:51 | 00,043,180 | ---- | M] (http://www.softella.com/) -- C:\WINDOWS\System32\drivers\svchost.exe[2009-07-21 09:19:09 | 00,001,914 | ---- | M] () -- C:\WINDOWS\wincmd.ini[2009-07-21 09:11:45 | 00,000,168 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini[2009-07-20 16:17:38 | 00,092,672 | ---- | M] () -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009-07-19 17:17:10 | 00,001,227 | ---- | M] () -- C:\Program Files\unins000.dat[2009-07-19 17:17:03 | 00,685,338 | ---- | M] () -- C:\Program Files\unins000.exe[2009-07-16 20:45:21 | 00,000,459 | -H-- | M] () -- C:\Documents and Settings\Bonek\Pulpit\Lea18.avi.ini[2009-07-16 19:45:52 | 17,655,2390 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\Lubava.avi[2009-07-14 17:36:24 | 00,000,500 | ---- | M] () -- C:\Documents and Settings\Bonek\Menu Start\Programy\Autostart\RapidUploader.exe.lnk[2009-07-14 12:23:54 | 04,001,773 | ---- | M] () -- C:\Documents and Settings\Bonek\Moje dokumenty\FileZilla_3.2.6.1_win32-setup.exe[2009-07-13 16:53:09 | 00,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll[2009-07-13 16:25:13 | 06,392,414 | -H-- | M] () -- C:\Documents and Settings\Bonek\Ustawienia lokalne\Dane aplikacji\IconCache.db[2009-07-13 16:24:54 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys[2009-07-13 05:48:54 | 00,219,648 | ---- | M] () -- C:\WINDOWS\PEV.exe[2009-07-10 11:33:54 | 04,292,472 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\fergie - big girls don`t cry.mp3[2009-07-02 19:25:38 | 07,081,473 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\09-We Made You.mp3[2009-06-30 09:53:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat[2009-06-30 09:53:17 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk[2009-06-29 22:49:30 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl[2009-06-29 21:15:18 | 00,000,712 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\VPX.PL Uploader.lnk[2009-06-29 12:32:32 | 00,075,507 | -H-- | M] () -- C:\treeinfo.wc[2009-06-27 21:50:34 | 04,149,112 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\dj smash - volna.mp3[2009-06-27 21:37:25 | 03,799,698 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\lenka - the show.mp3[2009-06-27 21:21:22 | 03,079,136 | ---- | M] () -- C:\Documents and Settings\Bonek\Pulpit\britney spears - circus.mp3========== LOP Check ==========[2009-07-13 16:53:18 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji[2009-07-13 16:26:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite[2009-06-01 10:05:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET[2009-06-09 19:44:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet[2009-06-01 10:00:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl[2009-06-02 12:09:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TrackMania[2009-07-21 22:39:35 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji[2009-07-21 22:27:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\BESTplayer[2009-07-21 22:27:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\DAEMON Tools Lite[2009-07-21 22:20:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\EditPlus 3[2009-06-01 10:06:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\ESET[2009-07-21 22:47:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\FileZilla[2009-06-01 10:52:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\kikin[2009-06-19 21:43:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\Nowe Gadu-Gadu[2009-06-01 09:43:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\Opera[2009-07-13 16:53:23 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\SecuROM[2009-07-21 11:49:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\Tlen.pl[2009-06-01 10:16:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\Windows Desktop Search[2009-07-14 16:35:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Bonek\Dane aplikacji\WindowsApplication1[2009-06-01 11:16:38 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji[2009-06-01 09:29:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji[2009-06-28 19:22:44 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Mama\Dane aplikacji[2009-06-01 19:42:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Dane aplikacji\ESET[2009-06-10 13:37:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Dane aplikacji\Nowe Gadu-Gadu[2009-06-01 19:42:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Dane aplikacji\Opera[2009-06-01 09:28:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji[2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini[2009-07-21 23:57:20 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT========== Purity Check ==========< End of report >

Gość
komentarz
komentarz

Uruchom OTL i w oknie Custom Scans/Fixes wklej następujący skrypt:

:OTLPRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)O4 - HKU\S-1-5-21-1547161642-1801674531-1401443257-1003..\Run: [sVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe (http://www.softella.com/)O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not foundO4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not foundO4 - HKLM..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe (TODO: <Company name>):FilesC:\treeinfo.wcC:\WINDOWS\System32\drivers\svchost.exe:Commands[emptytemp][start explorer][Reboot]

Klikasz w Run Fix i zatwierdzasz restart komputera.

Po restarcie - pokazujesz log z czyszczenia.

.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.