Z0nK utworzono 29 września 2009 utworzono 29 września 2009 Witam ostatnio weszło mi parę wirusów chyba a może nawet szpieg :/ nie wiem jak usunąć kasperski i ad-aware nie łapią tego :/ proszę o pomoc [log]OTL logfile created on: 2009-09-30 00:55:16 - Run 2 OTL by OldTimer - Version 3.0.16.0 Folder = D:\programy sprawdzające Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 63,71% Memory free 3,84 Gb Paging File | 2,92 Gb Available in Paging File | 76,04% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 50,00 Gb Total Space | 4,47 Gb Free Space | 8,95% Space Free | Partition Type: NTFS Drive D: | 91,44 Gb Total Space | 39,11 Gb Free Space | 42,77% Space Free | Partition Type: NTFS Drive E: | 91,43 Gb Total Space | 32,81 Gb Free Space | 35,88% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MADEJ-3BA1FFB6E Current User Name: madej Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2004-08-04 01:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2007-03-16 08:06:34 | 00,868,352 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2007-04-03 20:55:08 | 00,839,680 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe PRC - [2008-12-12 18:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2007-01-02 21:40:10 | 00,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2009-05-28 22:11:04 | 00,717,320 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe PRC - [2009-08-28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe PRC - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2009-05-19 00:13:31 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2008-11-13 21:43:49 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe PRC - [2007-12-05 01:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2009-05-19 00:13:31 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe PRC - [2008-12-12 18:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2004-08-04 01:44:30 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe PRC - [2009-09-08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2006-12-10 21:51:08 | 00,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2006-10-20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe PRC - [2009-09-21 22:21:18 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2001-10-26 19:30:04 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe PRC - [2009-09-21 22:21:20 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009-08-31 18:07:34 | 11,391,592 | ---- | M] (GG Network S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe PRC - [2009-07-25 18:22:36 | 00,376,320 | ---- | M] (Image-Line) -- C:\Program Files\FL Studio 9\FL.exe PRC - [2009-09-30 00:43:09 | 00,030,208 | ---- | M] () -- C:\Documents and Settings\madej\Moje dokumenty\Pobieranie\Keygen.Camel.Audio.Cameleon.5000.v1.7.exe PRC - [2009-09-21 22:21:24 | 02,353,992 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe PRC - [2009-09-12 02:45:50 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-05-19 00:13:31 | 00,054,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqsnotify.exe PRC - [2009-05-19 00:13:31 | 00,054,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqsnotify.exe PRC - [2009-05-19 00:13:31 | 00,054,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqsnotify.exe PRC - [2009-09-30 00:53:09 | 00,518,144 | ---- | M] (OldTimer Tools) -- D:\programy sprawdzające\OTL.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-05-28 22:11:04 | 00,717,320 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe -- (a2free [Auto | Running]) SRV - [2009-08-28 19:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running]) SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2009-07-21 13:42:05 | 00,208,616 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP [Auto | Running]) SRV - [2008-12-12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running]) SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2006-10-20 21:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Running]) SRV - [2004-08-04 01:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2007-01-19 23:44:40 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running]) SRV - [2007-01-19 23:44:40 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running]) SRV - [2006-10-30 03:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2009-09-08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running]) SRV - [2009-05-19 00:13:31 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running]) SRV - [2009-09-21 22:21:18 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running]) SRV - [2008-11-13 21:43:49 | 00,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater [Auto | Running]) SRV - [2006-10-27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2006-11-08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running]) SRV - [2006-10-30 03:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2008-12-12 18:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice [Auto | Running]) SRV - [2007-12-05 01:41:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-10-26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2006-11-08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2007-05-18 11:01:50 | 00,304,640 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService [On_Demand | Running]) DRV - [2007-05-18 09:20:24 | 00,094,848 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\drivers\AEAudio.sys -- (AEAudio [On_Demand | Running]) DRV - [2009-05-18 14:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running]) DRV - [2004-10-27 15:21:36 | 00,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2006-12-06 08:02:28 | 00,049,920 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZid412.sys -- (HPZid412 [On_Demand | Stopped]) DRV - [2006-12-06 08:02:28 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped]) DRV - [2006-12-06 08:02:29 | 00,021,568 | R--- | M] (HP) -- C:\WINDOWS\System32\DRIVERS\HPZius12.sys -- (HPZius12 [On_Demand | Stopped]) DRV - [2008-07-21 17:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1 [Boot | Running]) DRV - [2009-05-18 23:56:04 | 00,033,808 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg [Boot | Running]) DRV - [2008-03-13 18:02:46 | 00,026,640 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klfltdev.sys -- (KLFLTDEV [On_Demand | Running]) DRV - [2009-05-18 23:56:04 | 00,226,832 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klif.sys -- (KLIF [System | Running]) DRV - [2008-04-30 17:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\DRIVERS\klim5.sys -- (klim5 [On_Demand | Running]) DRV - [2009-05-28 22:21:06 | 00,064,160 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd [Boot | Running]) DRV - [2008-07-28 17:19:28 | 00,116,736 | ---- | M] (MagicISO, Inc.) -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus [On_Demand | Running]) DRV - [2004-08-13 04:56:20 | 00,005,810 | R--- | M] () -- C:\WINDOWS\System32\DRIVERS\ASACPI.sys -- (MTsensor [On_Demand | Running]) DRV - [2007-12-05 01:41:00 | 07,435,392 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2008-12-12 18:05:18 | 00,023,984 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\pnarp.sys -- (pnarp [Auto | Running]) DRV - [2001-08-17 23:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) DRV - [2008-12-12 18:05:20 | 00,025,264 | ---- | M] (Cisco Systems, Inc.) -- C:\WINDOWS\System32\DRIVERS\purendis.sys -- (purendis [Auto | Running]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2006-07-27 03:49:10 | 00,083,712 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2004-11-30 12:10:00 | 00,161,792 | ---- | M] () -- C:\WINDOWS\system32\drivers\sdpiosys.sys -- (sdpiosys [System | Running]) DRV - [2004-07-17 12:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2006-03-17 18:18:58 | 00,392,960 | ---- | M] (Sensaura) -- C:\WINDOWS\System32\drivers\Senfilt.sys -- (SenFiltService [On_Demand | Running]) DRV - [2009-09-18 12:24:42 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2009-08-28 19:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped]) DRV - [2004-08-03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running]) DRV - [2009-09-30 00:43:32 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\tdisp.sys -- (tdisp.sys [System | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-630328440-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1645522239-630328440-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1645522239-630328440-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKU\S-1-5-21-1645522239-630328440-839522115-1003\S-1-5-21-1645522239-630328440-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-630328440-839522115-1003\S-1-5-21-1645522239-630328440-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-05-19 00:13:31 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-09-18 00:12:13 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-09-18 00:12:13 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\THBExt [2009-05-18 23:46:03 | 00,000,000 | ---D | M] [2009-05-18 22:30:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\mozilla\Extensions [2009-05-18 22:30:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-09-29 22:25:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\mozilla\Firefox\Profiles\qmza30b6.default\extensions [2009-05-25 19:19:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\mozilla\Firefox\Profiles\qmza30b6.default\extensions\en-GB@dictionaries.addons.mozilla.org [2009-09-18 12:27:05 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\madej\Dane aplikacji\Mozilla\FireFox\Profiles\qmza30b6.default\searchplugins\daemon-search.xml [2009-09-29 22:25:52 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-09-12 02:45:50 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-05-18 22:45:29 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2009-05-19 00:13:48 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2009-09-12 02:45:49 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2009-09-12 02:45:49 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009-05-19 00:13:31 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-09-12 02:45:50 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-10-26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2004-12-14 12:19:18 | 00,057,344 | R--- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-09-18 00:12:12 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-09-18 00:12:12 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-09-18 00:12:12 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-09-18 00:12:12 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-09-18 00:12:13 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-09-18 00:12:13 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-09-18 00:12:13 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-09-07 23:04:43 | 00,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2009-09-07 23:04:43 | 00,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2009-09-07 23:04:43 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2009-09-07 23:04:43 | 00,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2009-09-07 23:04:43 | 00,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2009-09-07 23:04:43 | 00,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2009-09-07 23:04:43 | 00,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1645522239-630328440-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [a94up5swfubl] C:\WINDOWS\System32\a94up5pwfusm.exe () O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [AWMON] C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe File not found O4 - HKLM..\Run: [Flashget] C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [mssysfs] C:\WINDOWS\System32\doujufvb.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [whifpf] C:\WINDOWS\System32\whifpf.exe () O4 - HKU\S-1-5-21-1645522239-630328440-839522115-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1645522239-630328440-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1645522239-630328440-839522115-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) O4 - Startup: C:\Documents and Settings\madej\Menu Start\Programy\Autostart\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-630328440-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm () O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\a94up5qwfubm.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\a94up5qwfubm.dll () O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\adialhk.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Documents) - File not found O20 - HKLM Winlogon: UserInit - (and) - File not found O20 - HKLM Winlogon: UserInit - (Settings\madej\vvgku.exe) - File not found O20 - HKLM Winlogon: UserInit - (\s) - File not found O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\System32\klogon.dll (Kaspersky Lab) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-05-18 22:10:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{5131d6ea-7ad9-11de-b14f-001bfc1b0f5a}\Shell\AutoRun\command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{5131d6ea-7ad9-11de-b14f-001bfc1b0f5a}\Shell\explore\Command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{5131d6ea-7ad9-11de-b14f-001bfc1b0f5a}\Shell\open\Command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{80b1b71e-51e3-11de-b0fa-001bfc1b0f5a}\Shell\AutoRun\command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{80b1b71e-51e3-11de-b0fa-001bfc1b0f5a}\Shell\explore\Command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{80b1b71e-51e3-11de-b0fa-001bfc1b0f5a}\Shell\open\Command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{adb24778-724f-11de-b140-001bfc1b0f5a}\Shell\AutoRun\command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{adb24778-724f-11de-b140-001bfc1b0f5a}\Shell\explore\Command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{adb24778-724f-11de-b140-001bfc1b0f5a}\Shell\open\Command - "" = I:\e8kj.exe -- File not found O33 - MountPoints2\{f95d65f0-a9eb-11de-b1b7-001bfc1b0f5a}\Shell\AutoRun\command - "" = e8kj.exe O33 - MountPoints2\{f95d65f0-a9eb-11de-b1b7-001bfc1b0f5a}\Shell\explore\Command - "" = e8kj.exe O33 - MountPoints2\{f95d65f0-a9eb-11de-b1b7-001bfc1b0f5a}\Shell\open\Command - "" = e8kj.exe O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-09-30 00:44:10 | 00,290,816 | RHS- | C] () -- C:\WINDOWS\System32\a94up5qwfubm.dll [2009-09-30 00:43:50 | 00,176,128 | -H-- | C] () -- C:\WINDOWS\System32\doujufvb.exe [2009-09-30 00:43:32 | 00,018,432 | ---- | C] () -- C:\WINDOWS\System32\tdisp.sys [2009-09-30 00:43:31 | 00,336,896 | RHS- | C] () -- C:\WINDOWS\System32\a94up5pwfusm.exe [2009-09-30 00:43:30 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\whifpf.exe [2009-09-30 00:43:15 | 00,000,010 | ---- | C] () -- C:\WINDOWS\System32\kr_done1 [2009-09-29 22:32:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Ustawienia lokalne\Dane aplikacji\cache [2009-09-29 22:30:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Dane aplikacji\Nowe Gadu-Gadu [2009-09-29 22:30:43 | 00,000,000 | ---D | C] -- C:\Program Files\Nowe Gadu-Gadu [2009-09-29 21:51:04 | 00,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI [2009-09-28 00:34:37 | 00,000,000 | ---D | C] -- C:\Program Files\Camel Audio Cameleon 5000 v1.2 [2009-09-28 00:31:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AraldFX [2009-09-25 16:56:43 | 14,969,587 | ---- | C] () -- C:\Documents and Settings\madej\Moje dokumenty\autobus 4.mp4 [2009-09-23 14:17:32 | 08,488,751 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Temper Traps - Eurhythmic Disposition (Eddie Thoneick Bootleg)re-make.mp3 [2009-09-22 13:56:50 | 00,000,669 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FL Studio 9.lnk [2009-09-22 13:53:27 | 00,000,000 | ---D | C] -- C:\Program Files\FL Studio 9 [2009-09-21 15:39:47 | 00,000,000 | ---D | C] -- C:\Program Files\Edirol [2009-09-18 23:27:42 | 00,000,000 | ---D | C] -- C:\Program Files\Sakura [2009-09-18 12:26:59 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2009-09-18 00:13:16 | 00,000,000 | ---D | C] -- C:\Program Files\iPod [2009-09-18 00:13:11 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes [2009-09-18 00:13:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009-09-18 00:11:48 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime [2009-09-17 21:08:16 | 00,163,840 | ---- | C] () -- C:\WINDOWS\System32\ArtFfct.dll [2009-09-17 21:07:55 | 00,000,000 | ---D | C] -- C:\Program Files\Arturia [2009-09-17 17:37:49 | 00,003,498 | ---- | C] () -- C:\Documents and Settings\madej\Moje dokumenty\nie_gif.jpg [2009-09-17 00:22:26 | 00,000,000 | ---D | C] -- C:\Program Files\u-he [2009-09-16 14:05:27 | 00,000,000 | ---D | C] -- C:\Program Files\sytrus [2009-09-14 20:54:17 | 00,000,000 | ---D | C] -- C:\Program Files\Toontrack [2009-09-14 01:22:13 | 00,885,466 | ---- | C] () -- C:\WINDOWS\nautilus.wav [2009-09-13 23:53:04 | 00,000,000 | ---D | C] -- C:\Program Files\rgcaudio [2009-09-13 18:27:04 | 01,764,177 | ---- | C] () -- C:\WINDOWS\System32\TmpA11563796 [2009-09-13 01:49:28 | 00,704,330 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\trance2.mp3 [2009-09-12 03:10:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Identities [2009-09-11 21:20:39 | 14,381,469 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\anka.rar [2009-09-11 19:34:05 | 00,039,225 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\aga marta.jpg [2009-09-11 17:09:31 | 00,000,000 | ---D | C] -- C:\Program Files\Cakewalk [2009-09-07 23:22:03 | 00,000,000 | R--D | C] -- C:\Documents and Settings\madej\Moje dokumenty\Pobieranie [2009-09-07 21:54:45 | 18,039,850 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Freddy Jones & Sami Dee, Crystal Waters - Gypsy Woman (Tristan Garner 2009 Remix).mp3 [2009-09-07 19:38:16 | 54,177,793 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\ELECTROCITY LAIDBACK LUKE mck.x-taze.pl.mp3 [2009-09-07 18:22:27 | 00,000,000 | ---D | C] -- C:\Program Files\rgcaudio software [2009-09-07 13:45:04 | 03,973,569 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\p six vs. guru josh project - let me know (infinity).mp3 [2009-09-06 22:51:42 | 20,112,317 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\The Rudenko Project feat. Nicco - Destination (Extended Mix).mp3 [2009-09-06 19:26:58 | 12,333,041 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Michael Jackson - Beat It (Timothy Cee Remix) (Unreleased Mix).mp3 [2009-09-06 19:22:26 | 14,629,660 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\DJ Antoine - Say the words (DJ Antoine vs Yoko Remix).mp3 [2009-09-06 19:22:08 | 16,545,792 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Matush - Party Time (Original Mix).mp3 [2009-09-06 12:15:41 | 85,808,283 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Dj Icey - automatic Static 7.08.09.mp3 [2009-09-06 00:22:26 | 15,495,945 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Amy Pearson - Butterfingers (Wawa Remix).mp3 [2009-09-05 23:44:33 | 00,892,928 | ---- | C] (Free Software Foundation) -- C:\WINDOWS\System32\iconv.dll [2009-09-05 23:44:33 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-09-05 23:44:33 | 00,675,840 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.ax [2009-09-05 23:22:41 | 05,951,248 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Eddy Wata - My Dream (Sound Access RmX)].mp3 [2009-09-05 20:07:11 | 16,961,868 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Temper Traps - Eurhythmic Disposition (Eddie Thoneick Bootleg).mp3 [2009-09-04 17:42:55 | 00,000,000 | ---D | C] -- C:\Program Files\GoldWave [2009-09-04 16:50:35 | 05,110,547 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\01-la_roux-bulletproof_(tiborg_radio_remix)4clubbers.pl.mp3 [2009-09-04 15:04:49 | 11,882,703 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\04-comeea-unfaithful__disco_freaks_freaky_remix.mp3 [2009-09-04 01:18:27 | 00,000,645 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\MixVibes DVS.LNK [2009-09-04 01:18:22 | 00,000,000 | ---D | C] -- C:\Program Files\MixVibesDVS [2009-09-04 01:16:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2009-09-04 01:14:44 | 00,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe [2009-09-04 01:13:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Dane aplikacji\invibes [2009-09-04 01:02:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\DAEMON Tools Images [2009-09-04 00:58:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Dane aplikacji\DAEMON Tools Pro [2009-09-04 00:58:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Dane aplikacji\DAEMON Tools [2009-09-04 00:58:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-09-04 00:57:58 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar [2009-09-04 00:55:20 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-09-04 00:55:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Dane aplikacji\DAEMON Tools Lite [2009-09-04 00:12:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\madej\Dane aplikacji\Media Player Classic [2009-09-04 00:08:38 | 00,421,888 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm [2009-09-04 00:08:31 | 00,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack [2009-09-03 23:59:07 | 00,673,792 | ---- | C] () -- C:\WINDOWS\is-F5LEK.exe [2009-09-03 23:59:07 | 00,010,781 | ---- | C] () -- C:\WINDOWS\is-F5LEK.msg [2009-09-03 23:59:07 | 00,000,112 | ---- | C] () -- C:\WINDOWS\is-F5LEK.lst [2009-09-03 23:54:10 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-09-03 20:35:36 | 14,441,620 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Komodo - All 4 U (Digital Mode Spinnin Rmx).mp3 [2009-09-03 20:25:19 | 14,647,507 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\05_royal_gigolos-get_the_party_started_(extended_version)-wtw.mp3 [2009-09-02 15:04:56 | 07,327,495 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Olive - You re Not Alone 2009 (Aran B Remix).mp3 [2009-09-02 15:04:49 | 17,091,480 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\Noferini & Marini - House Music (Original Dirty Mix).mp3 [2009-09-02 12:14:07 | 27,915,702 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\123.mp3 [2009-09-01 21:28:32 | 86,421,789 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\dj Icey - automatic static 15.08.09.mp3 [2009-09-01 13:22:31 | 00,032,318 | ---- | C] () -- C:\Documents and Settings\madej\Pulpit\b8a02593a8.jpeg [2009-08-15 18:50:46 | 00,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\beep.sys [2009-05-18 22:47:10 | 00,008,815 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2009-05-18 22:47:08 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2009-05-18 22:46:54 | 00,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2009-05-02 07:58:54 | 00,000,122 | ---- | C] () -- C:\WINDOWS\msmmdx9.ini [2008-12-19 16:15:58 | 04,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-12-17 18:41:18 | 00,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll [2008-12-17 18:22:58 | 00,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll [2008-12-17 18:22:48 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-12-17 18:17:34 | 00,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll [2008-12-17 17:59:54 | 00,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll [2008-12-11 12:27:02 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2007-12-05 01:41:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-12-05 01:41:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-12-05 01:41:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-12-05 01:41:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-12-05 01:41:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-11-30 12:10:00 | 00,161,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\SDPIOSYS.SYS [2004-11-24 20:25:52 | 00,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll [2004-10-03 18:50:54 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll [2004-08-04 01:44:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2004-07-17 12:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-07-22 00:16:20 | 00,000,636 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 00:15:52 | 00,000,257 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\*.tmp files] [2009-09-30 00:44:10 | 00,290,816 | RHS- | M] () -- C:\WINDOWS\System32\a94up5qwfubm.dll [2009-09-30 00:43:48 | 00,176,128 | -H-- | M] () -- C:\WINDOWS\System32\doujufvb.exe [2009-09-30 00:43:32 | 00,018,432 | ---- | M] () -- C:\WINDOWS\System32\tdisp.sys [2009-09-30 00:43:31 | 00,336,896 | RHS- | M] () -- C:\WINDOWS\System32\a94up5pwfusm.exe [2009-09-30 00:43:24 | 00,027,136 | ---- | M] () -- C:\WINDOWS\System32\whifpf.exe [2009-09-30 00:43:15 | 00,000,010 | ---- | M] () -- C:\WINDOWS\System32\kr_done1 [2009-09-29 23:06:01 | 04,695,072 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat [2009-09-29 23:05:57 | 00,039,856 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx [2009-09-29 22:30:15 | 00,720,928 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat [2009-09-29 22:30:14 | 00,005,640 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx [2009-09-29 22:07:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-09-29 22:06:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-09-29 22:00:16 | 00,107,547 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat [2009-09-29 22:00:16 | 00,095,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat [2009-09-29 21:51:04 | 00,000,032 | ---- | M] () -- C:\WINDOWS\CD_Start.INI [2009-09-29 20:05:29 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-09-28 01:31:30 | 02,639,484 | -H-- | M] () -- C:\Documents and Settings\madej\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-09-27 18:02:10 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-09-24 22:21:30 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2009-09-23 14:17:55 | 08,488,751 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Temper Traps - Eurhythmic Disposition (Eddie Thoneick Bootleg)re-make.mp3 [2009-09-22 13:56:50 | 00,000,669 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FL Studio 9.lnk [2009-09-22 00:06:52 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\madej\Dane aplikacji\winscp.rnd [2009-09-21 22:06:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-09-18 12:24:42 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-09-17 23:09:11 | 00,002,193 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Steam.lnk [2009-09-17 17:37:50 | 00,003,498 | ---- | M] () -- C:\Documents and Settings\madej\Moje dokumenty\nie_gif.jpg [2009-09-16 00:38:03 | 00,072,000 | ---- | M] () -- C:\Documents and Settings\madej\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-09-14 12:27:05 | 00,276,560 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-09-13 18:27:04 | 01,764,177 | ---- | M] () -- C:\WINDOWS\System32\TmpA11563796 [2009-09-13 01:49:36 | 00,704,330 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\trance2.mp3 [2009-09-11 21:20:44 | 14,381,469 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\anka.rar [2009-09-11 19:34:05 | 00,039,225 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\aga marta.jpg [2009-09-07 21:57:10 | 18,039,850 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Freddy Jones & Sami Dee, Crystal Waters - Gypsy Woman (Tristan Garner 2009 Remix).mp3 [2009-09-07 20:08:22 | 54,177,793 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\ELECTROCITY LAIDBACK LUKE mck.x-taze.pl.mp3 [2009-09-07 13:48:02 | 03,973,569 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\p six vs. guru josh project - let me know (infinity).mp3 [2009-09-06 22:54:54 | 20,112,317 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\The Rudenko Project feat. Nicco - Destination (Extended Mix).mp3 [2009-09-06 20:56:37 | 00,009,728 | ---- | M] () -- C:\Documents and Settings\madej\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-06 19:30:14 | 12,333,041 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Michael Jackson - Beat It (Timothy Cee Remix) (Unreleased Mix).mp3 [2009-09-06 19:28:24 | 16,545,792 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Matush - Party Time (Original Mix).mp3 [2009-09-06 19:27:22 | 14,629,660 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\DJ Antoine - Say the words (DJ Antoine vs Yoko Remix).mp3 [2009-09-06 12:29:56 | 85,808,283 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Dj Icey - automatic Static 7.08.09.mp3 [2009-09-06 00:31:28 | 15,495,945 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Amy Pearson - Butterfingers (Wawa Remix).mp3 [2009-09-05 23:27:04 | 05,951,248 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Eddy Wata - My Dream (Sound Access RmX)].mp3 [2009-09-05 20:11:47 | 16,961,868 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Temper Traps - Eurhythmic Disposition (Eddie Thoneick Bootleg).mp3 [2009-09-04 16:55:42 | 05,110,547 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\01-la_roux-bulletproof_(tiborg_radio_remix)4clubbers.pl.mp3 [2009-09-04 15:10:25 | 11,882,703 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\04-comeea-unfaithful__disco_freaks_freaky_remix.mp3 [2009-09-04 01:22:28 | 00,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe [2009-09-04 01:22:06 | 00,000,645 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\MixVibes DVS.LNK [2009-09-03 23:59:07 | 00,673,792 | ---- | M] () -- C:\WINDOWS\is-F5LEK.exe [2009-09-03 23:59:07 | 00,010,781 | ---- | M] () -- C:\WINDOWS\is-F5LEK.msg [2009-09-03 23:59:07 | 00,000,112 | ---- | M] () -- C:\WINDOWS\is-F5LEK.lst [2009-09-03 20:45:28 | 14,441,620 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Komodo - All 4 U (Digital Mode Spinnin Rmx).mp3 [2009-09-03 20:30:28 | 14,647,507 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\05_royal_gigolos-get_the_party_started_(extended_version)-wtw.mp3 [2009-09-03 17:26:21 | 00,000,636 | ---- | M] () -- C:\WINDOWS\win.ini [2009-09-03 17:26:21 | 00,000,257 | ---- | M] () -- C:\WINDOWS\system.ini [2009-09-02 15:10:32 | 17,091,480 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Noferini & Marini - House Music (Original Dirty Mix).mp3 [2009-09-02 15:08:12 | 07,327,495 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\Olive - You re Not Alone 2009 (Aran B Remix).mp3 [2009-09-01 21:50:37 | 86,421,789 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\dj Icey - automatic static 15.08.09.mp3 [2009-09-01 13:22:31 | 00,032,318 | ---- | M] () -- C:\Documents and Settings\madej\Pulpit\b8a02593a8.jpeg [color=#E56717]========== LOP Check ==========[/color] [2009-09-28 00:31:29 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-09-18 00:13:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009-05-28 22:15:16 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800} [2009-05-19 00:33:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2009-05-18 22:53:51 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{D0D0BE61-F9F3-4330-BF43-3FC63530C4E6} [2009-09-28 00:31:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AraldFX [2009-09-04 00:58:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-05-18 22:45:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pure Networks [2009-05-19 00:14:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tlen.pl [2009-05-18 02:58:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-05-18 22:13:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-09-29 22:30:52 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\madej\Dane aplikacji [2009-05-19 00:41:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Ableton [2009-07-07 23:14:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Ahead [2009-05-29 22:57:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Blue Cat Audio [2009-09-04 00:58:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\DAEMON Tools [2009-09-18 12:28:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\DAEMON Tools Lite [2009-09-04 00:58:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\DAEMON Tools Pro [2009-09-04 01:13:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\invibes [2009-08-12 20:41:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Juce VST Host [2009-09-29 22:54:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Nowe Gadu-Gadu [2009-08-13 20:43:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Pioneer [2009-09-16 18:51:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\Tlen.pl [2009-09-20 18:39:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\madej\Dane aplikacji\uTorrent [2009-05-18 22:13:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2009-09-24 22:21:30 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2009-09-21 22:06:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [2001-07-22 00:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-09-29 22:07:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009-08-25 11:21:06 | 00,000,302 | ---- | M] () -- C:\WINDOWS\Tasks\WebReg Deskjet F4100 series.job [color=#E56717]========== Purity Check ==========[/color] < End of report >[/log]
Psycholandia komentarz 29 września 2009 komentarz 29 września 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1645522239-630328440-839522115-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [a94up5swfubl] C:\WINDOWS\System32\a94up5pwfusm.exe () O4 - HKLM..\Run: [mssysfs] C:\WINDOWS\System32\doujufvb.exe () O4 - HKLM..\Run: [whifpf] C:\WINDOWS\System32\whifpf.exe () O20 - HKLM Winlogon: UserInit - (C:\Documents) - File not found O20 - HKLM Winlogon: UserInit - (and) - File not found O20 - HKLM Winlogon: UserInit - (Settings\madej\vvgku.exe) - File not found O20 - HKLM Winlogon: UserInit - (\s) - File not found O33 - MountPoints2\{f95d65f0-a9eb-11de-b1b7-001bfc1b0f5a}\Shell\AutoRun\command - "" = e8kj.exe O33 - MountPoints2\{f95d65f0-a9eb-11de-b1b7-001bfc1b0f5a}\Shell\explore\Command - "" = e8kj.exe O33 - MountPoints2\{f95d65f0-a9eb-11de-b1b7-001bfc1b0f5a}\Shell\open\Command - "" = e8kj.exe :Files C:\WINDOWS\System32\a94up5qwfubm.dll C:\WINDOWS\System32\doujufvb.exe C:\WINDOWS\System32\a94up5pwfusm.exe C:\WINDOWS\System32\whifpf.exe C:\WINDOWS\System32\kr_done1 C:\WINDOWS\System32\TmpA11563796 C:\Program Files\DAEMON Tools Toolbar C:\WINDOWS\is-F5LEK.exe C:\WINDOWS\is-F5LEK.msg C:\WINDOWS\is-F5LEK.lst C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\Tasks\WebReg Deskjet F4100 series.job :Commands [emptytemp] [start explorer] [Reboot][/code] Wklej powstałego po usuwaniu loga + nowego. Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code] Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware)
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.