rafal-39 posted on 14 October 2009
I'm sending a log, please check it.
[log] OTL logfile created on: 2009-10-14 15:00:16 - Run 1 OTL by OldTimer - Version 3.0.20.0 Folder = C:\Users\Tomek\Desktop Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16386) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,81 Mb Total Physical Memory | 352,53 Mb Available Physical Memory | 34,74% Memory free 2,23 Gb Paging File | 1,45 Gb Available in Paging File | 64,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,49 Gb Total Space | 22,52 Gb Free Space | 65,30% Space Free | Partition Type: NTFS Drive D: | 40,04 Gb Total Space | 37,98 Gb Free Space | 94,87% Space Free | Partition Type: NTFS Drive E: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TOMEK-PC Current User Name: Tomek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color="#E56717"]========== Processes (SafeList) ==========[/color] PRC - [2009-10-14 14:59:29 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe PRC - [2009-10-07 08:21:45 | 07,678,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-09-06 20:06:34 | 00,088,064 | ---- | M] (Kadu Team) -- C:\Program Files\Kadu\kadu.exe PRC - [2007-03-06 19:20:00 | 00,536,576 | ---- | M] (Brother Industries, Ltd.)
-- C:\Program Files\Brother\ControlCenter3\brccMCtl.exe PRC - [2006-11-02 11:45:07 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.exe PRC - [2006-11-02 11:44:59 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [color="#E56717"]========== Win32 Services (SafeList) ==========[/color] SRV - [2006-11-02 14:34:59 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2006-11-02 14:34:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2006-11-02 14:34:58 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2006-11-02 14:34:56 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2006-11-02 14:33:48 | 00,263,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running]) SRV - [2006-11-02 11:46:13 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running]) SRV - [2006-11-02 11:46:13 | 00,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm [Auto | Running]) SRV - [2006-11-02 11:46:12 | 00,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr [Auto | Running]) SRV - [2006-11-02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) [color="#E56717"]========== Driver Services (SafeList) ==========[/color] DRV - File not found -- -- 
(catchme [On_Demand | Running]) DRV - [2008-09-26 18:04:10 | 00,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard [On_Demand | Stopped]) DRV - [2007-02-06 17:08:24 | 00,684,672 | ---- | M] () -- C:\Windows\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Stopped]) DRV - [2007-01-22 12:52:56 | 00,060,533 | ---- | M] (STMicroelectronics ) -- C:\Windows\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running]) DRV - [2006-11-02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped]) DRV - [2006-11-02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped]) DRV - [2006-11-02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped]) DRV - [2006-11-02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped]) DRV - [2006-11-02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped]) DRV - [2006-11-02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped]) DRV - [2006-11-02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped]) DRV - [2006-11-02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) 
-- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped]) DRV - [2006-11-02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped]) DRV - [2006-11-02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped]) DRV - [2006-11-02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped]) DRV - [2006-11-02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped]) DRV - [2006-11-02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped]) DRV - [2006-11-02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped]) DRV - [2006-11-02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped]) DRV - [2006-11-02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped]) DRV - [2006-11-02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped]) DRV - [2006-11-02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) 
-- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped]) DRV - [2006-11-02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped]) DRV - [2006-11-02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped]) DRV - [2006-11-02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped]) DRV - [2006-11-02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped]) DRV - [2006-11-02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped]) DRV - [2006-11-02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped]) DRV - [2006-11-02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped]) DRV - [2006-11-02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped]) DRV - [2006-11-02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped]) DRV - [2006-11-02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped]) DRV - [2006-11-02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped]) DRV - [2006-11-02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) 
-- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped]) DRV - [2006-11-02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped]) DRV - [2006-11-02 10:57:48 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Running]) DRV - [2006-11-02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped]) DRV - [2006-11-02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped]) DRV - [2006-11-02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped]) DRV - [2006-11-02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped]) DRV - [2006-11-02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped]) DRV - [2006-11-02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) 
-- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped]) DRV - [2006-11-02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped]) DRV - [2006-11-02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped]) DRV - [2006-11-02 09:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\bcmwl6.sys -- (BCM43XV [On_Demand | Running]) DRV - [2006-11-02 09:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running]) DRV - [2006-11-02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running]) DRV - [2006-10-19 04:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Running]) [color="#E56717"]========== Standard Registry (SafeList) ==========[/color] [color="#E56717"]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] IE - 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [url="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"]http://ie.search.msn...st/srchcust.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"]http://ie.search.msn...st/srchasst.htm[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"]http://www.microsoft...=ie&ar=iesearch[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color="#E56717"]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "otomoto.pl" FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-10-07 08:21:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-07 08:21:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-08-24 08:57:32 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009-07-19 10:08:14 | 00,000,000 | ---D | M] -- 
C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\ojatq7j3.default\extensions [2009-10-06 09:46:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-10-07 08:21:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-07-19 12:21:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [2009-10-06 09:46:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org [2009-10-07 08:21:42 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll [2009-10-07 08:21:42 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll [2009-10-07 08:21:42 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll [2009-10-07 08:21:42 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll [2009-10-07 08:21:42 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll [2007-04-10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2009-07-19 12:21:20 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-10-07 08:21:45 | 00,022,656 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-06-03 18:39:49 | 00,000,904 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2008-06-07 02:50:04 | 00,001,419 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2007-01-18 00:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2007-03-31 19:10:44 | 00,000,926 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2006-06-03 18:39:49 | 00,000,866 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2008-03-29 23:06:54 | 00,001,198 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2007-01-05 13:40:09 | 00,001,693 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [AdslTaskBar] C:\Windows\System32\stmctrl.DLL (STMicroelectronics ) O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptbehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptbehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_14) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg 
Error: Key error. File not found O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color="#E56717"]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-05 17:09:19 | 00,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Kadu [2009-10-14 14:42:43 | 00,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\temp [2009-10-05 17:08:39 | 00,000,000 | ---D | C] -- C:\Program Files\Kadu [2009-10-01 19:36:37 | 00,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player [2009-10-14 14:59:25 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe [2009-10-14 14:42:43 | 00,000,000 | ---D | C] -- C:\Windows\temp [2009-10-14 14:42:41 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2009-10-14 14:35:27 | 00,000,000 | ---D | C] -- C:\ComboFix [2009-10-14 14:16:41 | 00,396,288 | ---- | C] (Trend Micro Inc.) 
-- C:\Users\Tomek\Desktop\HijackThis.exe [2009-10-13 14:01:52 | 00,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\jhgjhgjkh [2009-10-12 14:02:41 | 00,000,000 | ---D | C] -- C:\Qoobox [2009-10-12 13:12:10 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2009-10-12 13:12:10 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2009-10-12 13:12:10 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2009-10-12 13:12:10 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2009-10-12 13:10:53 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT [2009-10-04 09:27:13 | 00,195,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2009-10-01 09:10:33 | 00,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\Kurs_Photoshop_1_by_Seti [color="#E56717"]========== Files - Modified Within 30 Days ==========[/color] [2009-10-14 14:59:29 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe [2009-10-14 14:53:29 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009-10-14 14:53:29 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009-10-14 14:44:51 | 00,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009-10-14 14:44:51 | 00,535,568 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2009-10-14 14:44:51 | 00,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009-10-14 14:44:51 | 00,086,416 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2009-10-14 14:44:50 | 01,326,240 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009-10-14 14:41:11 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini [2009-10-14 14:31:47 | 03,337,810 | R--- | M] () -- C:\Users\Tomek\Desktop\ComboFix.exe [2009-10-14 08:53:16 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009-10-14 08:53:09 | 00,067,584 | --S- | M] () -- 
C:\Windows\bootstat.dat [2009-10-14 08:53:05 | 10,647,55200 | -HS- | M] () -- C:\hiberfil.sys [2009-10-13 19:03:14 | 04,158,595 | -H-- | M] () -- C:\Users\Tomek\AppData\Local\IconCache.db [2009-10-12 13:49:17 | 00,016,896 | ---- | M] () -- C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-11 08:10:09 | 00,236,544 | ---- | M] () -- C:\Windows\PEV.exe [2009-10-06 09:46:02 | 00,001,684 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009-10-06 08:54:03 | 00,017,408 | ---- | M] () -- C:\Users\Tomek\Desktop\umowa wstawienia.doc [2009-10-06 08:54:03 | 00,015,150 | ---- | M] () -- C:\Users\Tomek\Documents\Automatic_Backup.rtf [2009-10-05 17:08:52 | 00,000,698 | ---- | M] () -- C:\Users\Public\Desktop\Kadu.lnk [2009-10-05 16:17:25 | 10,000,0000 | ---- | M] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part2.rar [2009-10-01 14:30:20 | 10,000,0000 | ---- | M] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part1.rar [2009-10-01 10:29:14 | 00,195,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [color="#E56717"]========== Files - No Company Name ==========[/color] [2009-10-12 13:12:10 | 00,236,544 | ---- | C] () -- C:\Windows\PEV.exe [2009-10-12 13:12:10 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe [2009-10-12 13:12:10 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe [2009-10-12 13:12:10 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe [2009-10-12 13:07:44 | 03,337,810 | R--- | C] () -- C:\Users\Tomek\Desktop\ComboFix.exe [2009-10-05 17:08:52 | 00,000,698 | ---- | C] () -- C:\Users\Public\Desktop\Kadu.lnk [2009-10-05 16:03:46 | 10,000,0000 | ---- | C] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part2.rar [2009-10-01 14:14:25 | 10,000,0000 | ---- | C] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part1.rar [2009-07-23 13:40:45 | 00,016,896 | ---- | C] () -- C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-19 10:55:34 | 04,158,595 | -H-- 
| C] () -- C:\Users\Tomek\AppData\Local\IconCache.db [2009-07-19 10:53:57 | 00,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI [2009-07-19 10:53:57 | 00,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2009-07-19 10:46:16 | 00,031,567 | ---- | C] () -- C:\Windows\maxlink.ini [2009-07-19 10:14:39 | 00,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll [2009-07-19 10:14:38 | 00,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll [2009-07-19 10:14:34 | 00,121,344 | ---- | C] () -- C:\Windows\System32\Ltpnt13n.dll [2009-07-19 09:55:33 | 00,684,672 | ---- | C] () -- C:\Windows\System32\drivers\torususb.sys [2009-07-19 09:55:32 | 00,000,161 | ---- | C] () -- C:\Windows\DSLSetup.ini [2009-07-19 09:54:07 | 00,049,064 | ---- | C] () -- C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT [2006-11-02 14:48:00 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006-11-02 12:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 12:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 12:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [color="#E56717"]========== LOP Check ==========[/color] [2009-10-05 17:09:19 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming [2009-07-20 09:54:47 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Ahead [2009-07-26 21:19:34 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\BESTplayer [2009-08-20 16:52:20 | 00,000,000 | R--D | M] -- C:\Users\Tomek\AppData\Roaming\Brother [2009-07-19 10:14:45 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\EasyOffice [2009-07-19 10:03:41 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Gadu-Gadu [2009-07-19 10:31:55 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\IrfanView [2009-10-14 08:54:08 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Kadu [2009-07-19 10:22:00 | 00,000,000 | ---D | M] 
-- C:\Users\Tomek\AppData\Roaming\Thunderbird [2009-10-11 09:15:58 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\VSO [2009-10-14 08:53:16 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2009-10-13 19:03:26 | 00,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color="#E56717"]========== Purity Check ==========[/color] < End of report > [/log]
[color="#ff0000"]//I'm correcting the thread title; don't title threads this way. //Pikusław[/color]
Psycholandia commented on 14 October 2009
1. What is the reason for the check?
2. Change the thread title to one that describes the problem.
3. Paste the script below into the OTL window and click Run Fix:
[code]
:Processes
explorer.exe

:OTL
O4 - HKLM..\Run: [AdslTaskBar] C:\Windows\System32\stmctrl.DLL (STMicroelectronics )

:Files
C:\Windows\System32\conime.exe
C:\$RECYCLE.BIN
C:\ComboFix
C:\Qoobox
C:\Windows\SWXCACLS.exe
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\NIRCMD.exe
C:\Windows\ERDNT
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
C:\Windows\PEV.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Users\Tomek\Desktop\ComboFix.exe

:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]
4. Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the log from Malware).
rafal-39 (Author) commented on 15 October 2009
The reason for the check: I think it's because of e8kj.exe or tazebama (if that's what it is). Something creates 2 exe files in every folder, and after deletion they immediately reappear under a different name.
[log]
Malwarebytes' Anti-Malware 1.41
Wersja bazy definicji: 2960
Windows 6.0.6000

2009-10-15 12:15:41
mbam-log-2009-10-15 (12-15-41).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 138173
Upłynęło: 48 minute(s), 22 second(s)

Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 1
Zainfekowane klucze rejestru: 3
Zainfekowane wartości rejestru: 1
Zainfekowane pliki rejestru: 0
Zainfekowane foldery: 0
Zainfekowane pliki: 3

Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)

Zainfekowane moduły pamięci:
C:\Documents and Settings\tazebama.dll (Worm.Mabezat) -> Delete on reboot.

Zainfekowane klucze rejestru:
HKEY_CLASSES_ROOT\TypeLib\{7b154753-c2ff-45c9-974e-98e4d3914d9c} (Worm.Mabezat) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6a198fc3-51aa-4403-b281-168f86d9053a} (Worm.Mabezat) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{79806449-ab35-42ec-9be9-b390209ce514} (Worm.Mabezat) -> Quarantined and deleted successfully.

Zainfekowane wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{79806449-ab35-42ec-9be9-b390209ce514} (Worm.Mabezat) -> Quarantined and deleted successfully.

Zainfekowane pliki rejestru:
(Nie wykryto groźnych plików)

Zainfekowane foldery:
(Nie wykryto groźnych plików)

Zainfekowane pliki:
C:\Documents and Settings\tazebama.dll (Worm.Mabezat) -> Delete on reboot.
C:\Users\tazebama.dll (Worm.Mabezat) -> Delete on reboot.
C:\Users\hook.dl_ (Worm.Mabezat) -> Quarantined and deleted successfully.
[/log]
Psycholandia commented on 15 October 2009
If the files have been created again, scan each one separately on this site: http://www.virustotal.com/pl/ and paste the results.
rafal-39 (Author) commented on 15 October 2009 (edited)
When I delete them manually they are not recreated for now. The files are in the folders, each under a different name, except that the file name is usually the name of the folder.
File 1
[log]
Antywirus Wersja Ostatnia aktualizacja Wynik
a-squared 4.5.0.41 2009.10.15 Worm.Win32.Mabezat!IK
AhnLab-V3 5.0.0.2 2009.10.14 Win32/Mabezat
AntiVir 7.9.1.35 2009.10.15 Worm/Mabezat.b
Antiy-AVL 2.0.3.7 2009.10.15 Worm/Win32.Mabezat.gen
Authentium 5.1.2.4 2009.10.15 W32/Mabezat.A
Avast 4.8.1351.0 2009.10.14 Win32:Mabezat-AM
AVG 8.5.0.420 2009.10.15 Worm/Mabezat.A
BitDefender 7.2 2009.10.15 Worm.Generic.56564
CAT-QuickHeal 10.00 2009.10.15 W32.Mabezat.Dr
ClamAV 0.94.1 2009.10.15 W32.Mabezat-2
Comodo 2608 2009.10.15 -
DrWeb 5.0.0.12182 2009.10.15 Win32.HLLW.Tazebama
eSafe 7.0.17.0 2009.10.14 Win32.Mabezat.b
eTrust-Vet 35.1.7069 2009.10.15 Win32/Mabezat.B
F-Prot 4.5.1.85 2009.10.14 W32/Mabezat.A
F-Secure 8.0.14470.0 2009.10.15 Worm.Win32.Mabezat.b
Fortinet 3.120.0.0 2009.10.15 W32/Mabezat.B
GData 19 2009.10.15 Worm.Generic.56564
Ikarus T3.1.1.72.0 2009.10.15 Worm.Win32.Mabezat
Jiangmin 11.0.800 2009.10.15 Trojan/Mabezat.j
K7AntiVirus 7.10.870 2009.10.14 Virus.Win32.Mabezat.b-3
Kaspersky 7.0.0.125 2009.10.15 Worm.Win32.Mabezat.b
McAfee 5771 2009.10.14 W32/Mabezat
McAfee+Artemis 5771 2009.10.14 W32/Mabezat
McAfee-GW-Edition 6.8.5 2009.10.15 Heuristic.LooksLike.Win32.Mabezat.H
Microsoft 1.5101 2009.10.15 Virus:Win32/Mabezat.B
NOD32 4509 2009.10.15 Win32/Mabezat.A
Norman 6.01.09 2009.10.14 Mabezat.B
nProtect 2009.1.8.0 2009.10.15 -
Panda 10.0.2.2 2009.10.15 W32/Mabezat.C.worm
PCTools 4.4.2.0 2009.10.14 Worm.Mabezat.A
Prevx 3.0 2009.10.15 Medium Risk Malware
Rising 21.51.32.00 2009.10.15 Win32.Mabezat.b
Sophos 4.46.0 2009.10.15 W32/Mabezat-B
Sunbelt 3.2.1858.2 2009.10.15 Worm.Win32.Mabezat.b (v)
Symantec 1.4.4.12 2009.10.15 W32.Mabezat.B
TheHacker 6.5.0.2.042 2009.10.14 W32/Mabezat.gen
TrendMicro 8.950.0.1094 2009.10.15 PE_MABEZAT.B-O
VBA32 3.12.10.11 2009.10.14 Worm.Win32.Mabezat.b
ViRobot 2009.10.15.1986 2009.10.15 Worm.Win32.Mabezat.154751
VirusBuster 4.6.5.0 2009.10.14 Worm.Mabezat.A
Dodatkowe informacje
File size: 155513 bytes
MD5...: e1587194bf6938e637645229da18c228
SHA1..: e79bb89eea1d9e84fcf855120ec1ead1fd29b56e
SHA256: 81454f236404faa7dea42d9e6d1aa653f630dcf1e63948b311b042d08e18b99e
ssdeep: 3072:yZ1UE7Zk06M6fjScmUdt+LPGvtT2n2Az5S31AibtLOQeJ7aWK:yZpL6MEjw eqbz5S31jtLOLdK
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x47257ae1 (Mon Oct 29 06:17:05 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xd15a 0xd200 6.31 1914f0eea471c4da93e11e98bca9b8f0
.rdata 0xf000 0xfd6 0x1000 3.21 0a15e36ffbdbfe3c1dc992522468a94e
.data 0x10000 0x44bc 0x2800 5.44 cf002120bd31f4cae97868a3cedf6390
.rsrc 0x15000 0x115c 0x1200 3.83 495a0d35f600aa62865e71aff09645db
( 3 imports )
> MSVCRT.dll: srand, memcmp, strcat, isdigit, isspace, memcpy, rename, memset, _EH_prolog, __CxxFrameHandler, strcmp, strncpy, strstr, strcpy, rand, abs, strlen
> USER32.dll: MessageBoxA, wvsprintfA
> KERNEL32.dll: GetModuleHandleA, HeapReAlloc, HeapFree, GetProcessHeap, HeapAlloc, LoadLibraryA, GetProcAddress, GetTickCount, GetStartupInfoA, GetCommandLineA, ExitProcess
( 0 exports )
RDS...: NSRL Reference Data Set -
pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
http://info.prevx.com/aboutprogramtext.asp?PX5=1C268802794823285F2002A3752DD4002CD55001
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
[/log]
File 2
[log]
Plik został już przeskanowany:
MD5: cd87497c0efa26eb6acfbab12c0fa064
First received: 2009.06.06 07:38:19 UTC
Data: 2009.06.23 13:11:07 UTC [>113D]
Wyniki: 39/41
Permalink: analisis/57190d1346354c4bfa103ee91c7f788e66a8387db8be8ca0697a126d9c701102-1245762667
[/log]
Psycholandia commented on 15 October 2009
What is the file called and where is it located? Post a new OTL log.
rafal-39 (Author) commented on 15 October 2009
[log]OTL logfile created on: 2009-10-15 13:22:43 - Run 2 OTL by OldTimer - Version 3.0.20.0 Folder = C:\Users\Tomek\Desktop Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16386) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1014,81 Mb Total Physical Memory | 515,82 Mb Available Physical Memory | 50,83% Memory free 2,23 Gb Paging File | 1,51 Gb Available in Paging File | 67,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,49 Gb Total Space | 22,11 Gb Free Space | 64,10% Space Free | Partition Type: NTFS Drive D: | 40,04 Gb Total Space | 37,99 Gb Free Space | 94,88% Space Free | Partition Type: NTFS Drive E: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TOMEK-PC Current User Name: Tomek Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-14 14:59:29 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe PRC - [2009-10-07 08:21:45 | 07,678,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-09-06 20:06:34 | 00,088,064 | ---- | M] (Kadu Team) -- C:\Program Files\Kadu\kadu.exe PRC - [2007-03-12 14:51:26 | 00,663,552 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe PRC - [2007-03-02 16:48:00 | 00,098,304 | ---- | M] (Brother Industries, Ltd.) 
-- C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe PRC - [2006-11-02 11:45:07 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2006-11-02 14:34:59 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2006-11-02 14:34:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped]) SRV - [2006-11-02 14:34:58 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2006-11-02 14:34:56 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2006-11-02 14:33:48 | 00,263,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running]) SRV - [2006-11-02 11:46:13 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running]) SRV - [2006-11-02 11:46:13 | 00,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm [Auto | Running]) SRV - [2006-11-02 11:46:12 | 00,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr [Auto | Running]) SRV - [2006-11-02 08:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-09-26 18:04:10 | 00,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) 
-- C:\Windows\System32\DRIVERS\ewusbmdm.sys -- (hwdatacard [On_Demand | Stopped]) DRV - [2007-02-06 17:08:24 | 00,684,672 | ---- | M] () -- C:\Windows\System32\DRIVERS\torususb.sys -- (TaurusUsb [On_Demand | Stopped]) DRV - [2007-01-22 12:52:56 | 00,060,533 | ---- | M] (STMicroelectronics ) -- C:\Windows\System32\DRIVERS\stmatm.sys -- (Stmatm [On_Demand | Running]) DRV - [2006-11-02 11:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped]) DRV - [2006-11-02 11:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped]) DRV - [2006-11-02 11:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped]) DRV - [2006-11-02 11:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped]) DRV - [2006-11-02 11:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped]) DRV - [2006-11-02 11:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped]) DRV - [2006-11-02 11:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped]) DRV - [2006-11-02 11:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped]) DRV - [2006-11-02 11:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped]) DRV - [2006-11-02 11:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped]) DRV - [2006-11-02 11:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) 
-- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped]) DRV - [2006-11-02 11:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped]) DRV - [2006-11-02 11:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped]) DRV - [2006-11-02 11:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped]) DRV - [2006-11-02 11:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped]) DRV - [2006-11-02 11:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped]) DRV - [2006-11-02 11:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped]) DRV - [2006-11-02 11:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped]) DRV - [2006-11-02 11:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped]) DRV - [2006-11-02 11:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped]) DRV - [2006-11-02 11:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) 
-- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped]) DRV - [2006-11-02 11:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped]) DRV - [2006-11-02 11:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped]) DRV - [2006-11-02 11:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped]) DRV - [2006-11-02 11:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped]) DRV - [2006-11-02 11:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped]) DRV - [2006-11-02 11:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped]) DRV - [2006-11-02 11:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped]) DRV - [2006-11-02 11:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped]) DRV - [2006-11-02 11:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped]) DRV - [2006-11-02 11:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped]) DRV - [2006-11-02 11:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped]) DRV - [2006-11-02 10:57:48 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\usb8023x.sys -- (usb_rndisx [On_Demand | Running]) DRV - [2006-11-02 10:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) 
-- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped]) DRV - [2006-11-02 10:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped]) DRV - [2006-11-02 10:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped]) DRV - [2006-11-02 10:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped]) DRV - [2006-11-02 10:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped]) DRV - [2006-11-02 10:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped]) DRV - [2006-11-02 09:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped]) DRV - [2006-11-02 09:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped]) DRV - [2006-11-02 09:30:53 | 00,464,384 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\bcmwl6.sys -- (BCM43XV [On_Demand | Running]) DRV - [2006-11-02 09:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running]) DRV - [2006-11-02 08:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
-- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running]) DRV - [2006-10-19 04:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - 
prefs.js..browser.search.selectedEngine: "Wikipedia (pl)" FF - prefs.js..browser.startup.homepage: "otomoto.pl" FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-10-07 08:21:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-10-07 08:21:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009-08-24 08:57:32 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009-07-19 10:08:14 | 00,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\ojatq7j3.default\extensions [2009-10-06 09:46:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2009-10-07 08:21:46 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009-07-19 12:21:54 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [2009-10-06 09:46:02 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org [2009-10-07 08:21:42 | 00,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll [2009-10-07 08:21:42 | 00,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll [2009-10-07 08:21:42 | 00,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll [2009-10-07 08:21:42 | 00,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll [2009-10-07 08:21:42 | 00,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll [2007-04-10 17:21:08 | 
00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2009-07-19 12:21:20 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-10-07 08:21:45 | 00,022,656 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006-06-03 18:39:49 | 00,000,904 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2008-06-07 02:50:04 | 00,001,419 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2007-01-18 00:05:32 | 00,002,368 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2007-03-31 19:10:44 | 00,000,926 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2006-06-03 18:39:49 | 00,000,866 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2008-03-29 23:06:54 | 00,001,198 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2007-01-05 13:40:09 | 00,001,693 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) 
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. 
File not found O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009-10-15 12:16:44 | 00,000,126 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-10-15 12:16:44 | 00,000,126 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-10-14 16:42:10 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009-10-05 17:09:19 | 00,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Kadu [2009-10-14 16:42:17 | 00,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Malwarebytes [2009-10-14 14:42:43 | 00,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\temp [2009-10-05 17:08:39 | 00,000,000 | ---D | C] -- C:\Program Files\Kadu [2009-10-14 16:42:10 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009-10-01 19:36:37 | 00,000,000 | ---D | C] -- C:\Program Files\SubEdit-Player [2009-10-14 16:42:12 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009-10-14 16:42:10 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009-10-14 16:36:51 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2009-10-14 16:35:58 | 00,000,000 | ---D | C] -- C:\_OTL [2009-10-14 16:35:05 | 04,045,528 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tomek\Desktop\mbam-setup.exe [2009-10-14 14:59:25 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe [2009-10-14 14:42:43 | 00,000,000 | ---D | C] -- C:\Windows\temp [2009-10-14 14:16:41 | 
00,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Users\Tomek\Desktop\HijackThis.exe [2009-10-13 14:01:52 | 00,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\jhgjhgjkh [2009-10-04 09:27:13 | 00,195,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2009-10-01 09:10:33 | 00,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\Kurs_Photoshop_1_by_Seti [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-10-15 13:18:34 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009-10-15 13:18:33 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009-10-15 12:22:55 | 00,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009-10-15 12:22:55 | 00,535,568 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2009-10-15 12:22:55 | 00,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009-10-15 12:22:55 | 00,086,416 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2009-10-15 12:22:54 | 01,326,240 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009-10-15 12:18:30 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009-10-15 12:18:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009-10-15 12:18:19 | 10,647,55200 | -HS- | M] () -- C:\hiberfil.sys [2009-10-15 12:16:52 | 04,167,028 | -H-- | M] () -- C:\Users\Tomek\AppData\Local\IconCache.db [2009-10-15 12:16:44 | 00,000,126 | RHS- | M] () -- C:\autorun.inf [2009-10-15 12:15:43 | 00,155,943 | RHS- | M] () -- C:\zPharaoh.exe [2009-10-14 16:42:15 | 00,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009-10-14 16:35:40 | 04,045,528 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tomek\Desktop\mbam-setup.exe [2009-10-14 14:59:29 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe [2009-10-14 14:41:11 | 00,000,215 | ---- | M] () 
-- C:\Windows\system.ini [2009-10-12 13:49:17 | 00,016,896 | ---- | M] () -- C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-06 09:46:02 | 00,001,684 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009-10-06 08:54:03 | 00,017,408 | ---- | M] () -- C:\Users\Tomek\Desktop\umowa wstawienia.doc [2009-10-06 08:54:03 | 00,015,150 | ---- | M] () -- C:\Users\Tomek\Documents\Automatic_Backup.rtf [2009-10-05 17:08:52 | 00,000,698 | ---- | M] () -- C:\Users\Public\Desktop\Kadu.lnk [2009-10-05 16:17:25 | 10,000,0000 | ---- | M] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part2.rar [2009-10-01 14:30:20 | 10,000,0000 | ---- | M] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part1.rar [2009-10-01 10:29:14 | 00,195,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-15 12:15:43 | 00,155,943 | RHS- | C] () -- C:\zPharaoh.exe [2009-10-15 12:15:43 | 00,000,126 | RHS- | C] () -- C:\autorun.inf [2009-10-14 16:42:15 | 00,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009-10-05 17:08:52 | 00,000,698 | ---- | C] () -- C:\Users\Public\Desktop\Kadu.lnk [2009-10-05 16:03:46 | 10,000,0000 | ---- | C] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part2.rar [2009-10-01 14:14:25 | 10,000,0000 | ---- | C] () -- C:\Users\Tomek\Desktop\Kurs_Photoshop_2_by_Seti.part1.rar [2009-07-23 13:40:45 | 00,016,896 | ---- | C] () -- C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-19 10:55:34 | 04,167,028 | -H-- | C] () -- C:\Users\Tomek\AppData\Local\IconCache.db [2009-07-19 10:53:57 | 00,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI [2009-07-19 10:53:57 | 00,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2009-07-19 10:46:16 | 00,031,567 | ---- | C] () -- C:\Windows\maxlink.ini [2009-07-19 10:14:39 | 00,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll 
[2009-07-19 10:14:38 | 00,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll [2009-07-19 10:14:34 | 00,121,344 | ---- | C] () -- C:\Windows\System32\Ltpnt13n.dll [2009-07-19 09:55:33 | 00,684,672 | ---- | C] () -- C:\Windows\System32\drivers\torususb.sys [2009-07-19 09:55:32 | 00,000,161 | ---- | C] () -- C:\Windows\DSLSetup.ini [2009-07-19 09:54:07 | 00,049,064 | ---- | C] () -- C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT [2006-11-02 14:48:00 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2006-11-02 12:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006-11-02 12:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 12:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 09:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini < End of report > [/log]
Here is a link showing where these files are: http://twojezdjecie.pl/pliki/9b987fa5474469a5fdf0cbe421c05acf.jpg
Psycholandia commented 15 October 2009

Paste the script below into the OTL window and click Run Fix:

[code]
:Processes
explorer.exe
:OTL
O32 - AutoRun File - [2009-10-15 12:16:44 | 00,000,126 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-10-15 12:16:44 | 00,000,126 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
:Files
C:\$RECYCLE.BIN
C:\Users\Tomek\Desktop\jhgjhgjkh
C:\Windows\temp
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
C:\autorun.inf
D:\autorun.inf
C:\zPharaoh.exe
D:\zPharaoh.exe
:Commands
[emptytemp]
[start explorer]
[Reboot]
[/code]

Open Notepad and paste the following text into it:

[code]
Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]

Save as -> choose [b]All files[/b] -> enter [b]Fix.reg[/b] -> then click the saved file and restart the computer.

Scan the pendrive or any other portable devices that you connect to the computer with: [url="http://www.programosy.pl/program,flash-desinfector.html"]Flash Desinfector[/url] --> that is, you plug in the pendrive and run the program. The desktop will disappear for a moment; at that point the program will clean it of viruses.
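A triage check for the entries this fix targets, as an added example that is not part of the original post and not OTL's own code: it parses the O32 and O33 lines of an OTL log and reports drives that carry a hidden+system autorun.inf or a MountPoints2 shell command launching an executable from a drive root. The sample lines are copied from the logs posted in this thread; the function names and the flagging heuristic are assumptions of this example.

```python
import re
from collections import defaultdict

# Sample lines in OTL "Standard" output format, copied from the logs in this thread.
SAMPLE_LOG = r'''
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-06 20:55:47 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2007-05-18 13:48:52 | 00,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - G:\AutoRun.inf -- [ FAT32 ]
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\AutoRun\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\open\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()
'''

# O32: a file in a drive root that OTL lists as an AutoRun file.
O32_RE = re.compile(
    r'^O32 - AutoRun File - \[(?P<stamp>[^|]+?) \| (?P<size>[\d,]+) \| '
    r'(?P<attrs>[A-Z-]{4}) \| [MC]\] \((?P<company>.*?)\) - '
    r'(?P<path>.+?) -- \[ (?P<fs>\w+) \]$'
)

# O33: a per-volume shell verb stored under the user's MountPoints2 key.
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<key>[^\\]+)\\Shell\\(?P<verb>[^\\]+)\\command - '
    r'"(?P<value>[^"]*)" = (?P<target>.+?) -- \[(?P<stamp>[^|]+?) \| '
    r'(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| [MC]\]'
)

# Heuristic (assumption of this example): an executable sitting directly in a drive root.
ROOT_EXE_RE = re.compile(r'^[A-Za-z]:\\[^\\]+\.(exe|com|scr|bat|cmd|pif)$', re.IGNORECASE)


def parse_otl(log_text):
    """Return (o32_files, o33_commands) as lists of dicts parsed from OTL log text."""
    files, commands = [], []
    for line in log_text.splitlines():
        line = line.strip()
        m = O32_RE.match(line)
        if m:
            files.append(m.groupdict())
            continue
        m = O33_RE.match(line)
        if m:
            commands.append(m.groupdict())
    return files, commands


def flag_autorun(log_text):
    """Map drive letter -> list of findings worth reviewing before cleanup."""
    files, commands = parse_otl(log_text)
    findings = defaultdict(list)
    for f in files:
        name = f["path"].rsplit("\\", 1)[-1].lower()
        hidden_system = "H" in f["attrs"] and "S" in f["attrs"]
        # autorun.inf on optical media (CDFS) is normal; hidden+system on a
        # writable volume is the pattern seen in this thread.
        if name == "autorun.inf" and hidden_system and f["fs"] != "CDFS":
            drive = f["path"][0].upper()
            findings[drive].append(
                f"hidden+system autorun.inf ({f['attrs']}, modified {f['stamp']})"
            )
    for c in commands:
        if ROOT_EXE_RE.match(c["target"]):
            drive = c["target"][0].upper()
            findings[drive].append(
                f"MountPoints2 {c['key']} verb '{c['verb']}' runs {c['target']}"
            )
    return dict(findings)


if __name__ == "__main__":
    for drive, notes in sorted(flag_autorun(SAMPLE_LOG).items()):
        print(f"{drive}:")
        for note in notes:
            print(f"  - {note}")
```
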
rafal-39 (author) commented 15 October 2009

It's OK for now, thanks. One more question: if I wanted to do this on a second computer, do I have to proceed the same way?
Psycholandia commented 15 October 2009

Make OTL logs from the second computer and we'll see whether anything is wrong with it. I hope you cleaned the pendrive? Because you can spread viruses between computers with it.
rafal-39 (author) commented 16 October 2009

I haven't cleaned it yet because I don't have it with me. I'll send the log from the second computer tomorrow.

I'm sending the log from the second computer.

[log]OTL logfile created on: 2009-10-15 18:29:35 - Run 2 OTL by OldTimer - Version 3.0.20.0 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,48 Mb Total Physical Memory | 220,57 Mb Available Physical Memory | 57,52% Memory free 922,03 Mb Paging File | 789,62 Mb Available in Paging File | 85,64% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 14,65 Gb Total Space | 11,70 Gb Free Space | 79,88% Space Free | Partition Type: NTFS Drive D: | 22,61 Gb Total Space | 22,55 Gb Free Space | 99,70% Space Free | Partition Type: NTFS Drive E: | 498,27 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 70,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 9,92 Gb Total Space | 2,65 Gb Free Space | 26,75% Space Free | Partition Type: FAT32 Drive H: | 21,98 Gb Total Space | 2,99 Gb Free Space | 13,60% Space Free | Partition Type: FAT32 Drive I: | 5,14 Gb Total Space | 5,14 Gb Free Space | 99,98% Space Free | Partition Type: FAT32 Computer Name: KOMPUTER Current User Name: Administrator Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-15 18:29:06 | 00,154,751 | ---- | M] () -- C:\Documents and Settings\tazebama.dl_ PRC - [2009-10-15 18:18:12 | 00,677,231 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2009-10-13 19:28:57 | 01,431,999 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe PRC - [2007-07-14 00:42:04 | 00,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2006-08-03 05:12:00 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2004-12-06 04:41:26 | 00,233,472 | R--- | M] (wvtv@sina.com) -- C:\WINDOWS\wvremcon.exe PRC - [2004-09-08 20:51:10 | 00,106,496 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe PRC - [2004-08-04 02:44:30 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-10-13 19:34:04 | 01,156,463 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) SRV - [2004-08-04 02:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2004-07-15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found -- -- (abp470n5 [On_Demand | Running]) DRV - [2007-07-28 03:15:52 | 00,062,208 | ---- | M] (Silicon Image, Inc.) 
-- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112 [Boot | Running]) DRV - [2007-01-04 13:48:04 | 00,104,344 | ---- | M] (Analog Devices Inc.) -- C:\WINDOWS\System32\DRIVERS\e4usbaw.sys -- (e4usbaw [On_Demand | Running]) DRV - [2007-01-04 13:47:48 | 00,069,656 | ---- | M] (Analog Deivces) -- C:\WINDOWS\System32\Drivers\e4ldr.sys -- (E4LOADER [Auto | Stopped]) DRV - [2006-08-18 13:52:00 | 04,017,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running]) DRV - [2004-08-04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running]) DRV - [2004-08-04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped]) DRV - [2004-08-04 00:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2004-07-17 13:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2003-08-15 18:33:32 | 00,024,736 | R--- | M] (Philips Semiconductors) -- C:\WINDOWS\System32\DRIVERS\PhTvTune.sys -- (PhTvTune [On_Demand | Running]) DRV - [2003-08-15 18:31:42 | 00,353,024 | R--- | M] (Philips Semiconductors) -- C:\WINDOWS\System32\DRIVERS\Cap7134.sys -- (Cap7134 [On_Demand | Running]) DRV - [2001-08-18 01:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) 
-- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [WinDVR SchSvr] C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe (InterVideo Inc.) 
O4 - HKLM..\Run: [wvremcon] C:\WINDOWS\wvremcon.exe (wvtv@sina.com) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsMenu = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-10-06 20:55:47 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2007-05-18 13:48:52 | 00,000,044 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2004-12-14 04:46:20 | 00,176,142 | R--- | M] () - F:\autorun.apm -- [ CDFS ] O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - G:\AutoRun.inf -- [ FAT32 ] O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - I:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\AutoRun\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] () O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\explore\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] () O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\open\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] () O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [1 C:\*.tmp files] [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2009-10-06 22:43:43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-10-06 20:57:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Apple Computer [2009-10-07 06:14:05 | 00,000,000 | ---D | C] 
-- C:\Documents and Settings\All Users\Dane aplikacji\InterVideo [2009-10-06 22:43:43 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft [2009-10-06 20:57:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Real [2009-10-06 21:03:22 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji [2009-10-07 07:04:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\InstallShield [2009-10-07 20:16:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia [2009-10-06 21:03:22 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft [2009-10-06 21:03:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Real [2009-10-06 21:03:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sun [2009-10-06 21:03:21 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji [2009-10-06 21:03:21 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft [2009-10-06 22:44:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files [2009-10-07 06:10:20 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2009-10-07 06:13:49 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo [2009-10-06 20:56:47 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2009-10-06 22:44:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared [2009-10-06 20:53:11 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap [2009-10-06 22:44:52 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2009-10-06 20:53:14 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Services [2009-10-06 22:44:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines 
[2009-10-06 20:52:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\System [2009-10-06 22:44:48 | 00,000,000 | R--D | C] -- C:\Program Files [2009-10-07 06:10:47 | 00,000,000 | ---D | C] -- C:\Program Files\AvRack [2009-10-06 22:44:48 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files [2009-10-06 20:51:43 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2009-10-07 06:10:31 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2009-10-06 20:52:46 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2009-10-07 06:13:33 | 00,000,000 | ---D | C] -- C:\Program Files\InterVideo [2009-10-06 20:56:49 | 00,000,000 | ---D | C] -- C:\Program Files\Java [2009-10-06 20:53:03 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker [2009-10-06 20:50:57 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone [2009-10-06 20:52:54 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express [2009-10-06 20:57:22 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime Alternative [2009-10-06 20:57:37 | 00,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2009-10-07 06:10:36 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek AC97 [2009-10-07 06:10:48 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager [2009-10-07 07:04:47 | 00,000,000 | ---D | C] -- C:\Program Files\SAGEM [2009-10-06 20:51:02 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2 [2009-10-06 20:51:01 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player [2009-10-06 20:50:40 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT [2009-10-15 18:18:21 | 00,677,231 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2009-10-13 19:08:01 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Wideo [2009-10-13 19:07:50 | 00,000,000 | ---D | C] -- C:\Qoobox [2009-10-13 19:03:55 | 00,026,496 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\drivers\USBSTOR.SYS [2009-10-07 20:53:24 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-10-07 20:16:01 | 00,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2009-10-07 07:05:02 | 00,155,648 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\adadix32.dll [2009-10-07 07:05:01 | 00,169,496 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\adiusbawx64.sys [2009-10-07 07:05:01 | 00,146,968 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\e4usbawx64.sys [2009-10-07 07:05:01 | 00,118,552 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\adiusbaw.sys [2009-10-07 07:05:01 | 00,104,344 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\drivers\e4usbaw.sys [2009-10-07 07:04:58 | 00,316,416 | ---- | C] (Analog Devices.) -- C:\WINDOWS\System32\unaddrv.x64.exe [2009-10-07 07:04:58 | 00,071,832 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\e4ldrx64.sys [2009-10-07 07:04:58 | 00,069,656 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\e4ldr.sys [2009-10-07 07:04:58 | 00,058,264 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\adildrx64.sys [2009-10-07 07:04:58 | 00,056,088 | ---- | C] (Analog Deivces) -- C:\WINDOWS\System32\drivers\adildr.sys [2009-10-07 07:04:57 | 00,212,992 | ---- | C] (Analog Devices.) -- C:\WINDOWS\System32\unaddrv.exe [2009-10-07 07:04:57 | 00,004,981 | ---- | C] (SITECSOFT Co., LTD.) 
-- C:\WINDOWS\System32\ADADIX2K.DLL [2009-10-07 06:15:56 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSTEE.sys [2009-10-07 06:15:52 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NdisIP.sys [2009-10-07 06:15:50 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\StreamIP.sys [2009-10-07 06:15:49 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2009-10-07 06:15:47 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\SLIP.sys [2009-10-07 06:15:44 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\WSTCODEC.SYS [2009-10-07 06:15:42 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\NABTSFEC.sys [2009-10-07 06:15:39 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\CCDECODE.sys [2009-10-07 06:15:35 | 00,024,736 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\PhTvTune.sys [2009-10-07 06:15:10 | 00,233,472 | R--- | C] (wvtv@sina.com) -- C:\WINDOWS\wvremcon.exe [2009-10-07 06:15:10 | 00,110,592 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\Prop7134.dll [2009-10-07 06:15:10 | 00,110,592 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34com.dll [2009-10-07 06:15:10 | 00,073,728 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34TvCtrl.dll [2009-10-07 06:15:09 | 00,353,024 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\drivers\Cap7134.sys [2009-10-07 06:15:09 | 00,135,168 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34api.dll [2009-10-07 06:15:09 | 00,094,208 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34dialog.dll [2009-10-07 06:15:09 | 00,077,824 | R--- | C] (Philips Semiconductors) -- C:\WINDOWS\System32\34dd.dll [2009-10-07 06:15:08 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll [2009-10-07 
06:15:08 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2009-10-07 06:15:06 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2009-10-07 06:15:06 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2009-10-07 06:15:06 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2009-10-07 06:14:42 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys [2009-10-07 06:14:39 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wdmaud.sys [2009-10-07 06:14:37 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\DMusic.sys [2009-10-07 06:14:35 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\swmidi.sys [2009-10-07 06:14:33 | 00,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\aec.sys [2009-10-07 06:14:30 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\kmixer.sys [2009-10-07 06:14:28 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmkaud.sys [2009-10-07 06:14:26 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sysaudio.sys [2009-10-07 06:14:23 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSKSSRV.sys [2009-10-07 06:14:21 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPQM.sys [2009-10-07 06:14:17 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MSPCLOCK.sys [2009-10-07 06:14:10 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Wideo [2009-10-07 06:10:56 | 04,017,536 | R--- | C] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\System32\drivers\alcxwdm.sys [2009-10-07 06:10:54 | 00,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys [2009-10-07 06:10:54 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax [2009-10-07 06:10:54 | 00,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys [2009-10-07 06:10:54 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll [2009-10-07 06:10:36 | 10,528,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe [2009-10-07 06:10:32 | 18,804,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl [2009-10-07 06:10:32 | 00,577,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe [2009-10-07 06:10:32 | 00,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe [2009-10-07 06:10:32 | 00,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcrmv.exe [2009-10-06 22:48:53 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys [2009-10-06 22:48:06 | 00,058,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys [2009-10-06 22:47:31 | 04,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll [2009-10-06 22:47:31 | 01,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [2009-10-06 22:47:24 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys [2009-10-06 22:47:02 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys [2009-10-06 22:46:49 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys [2009-10-06 22:46:45 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll [2009-10-06 22:46:31 | 00,044,672 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\drivers\UAGP35.SYS [2009-10-06 22:44:48 | 00,000,000 | R--D | C] -- C:\Program Files [2009-10-06 22:44:45 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll [2009-10-06 22:44:45 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll [2009-10-06 22:44:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll [2009-10-06 22:44:44 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll [2009-10-06 22:44:44 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll [2009-10-06 22:44:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll [2009-10-06 22:44:44 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll [2009-10-06 
22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll [2009-10-06 22:44:44 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll [2009-10-06 22:44:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll [2009-10-06 22:44:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll [2009-10-06 22:44:43 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll [2009-10-06 22:44:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll [2009-10-06 22:44:43 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll [2009-10-06 22:44:37 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll [2009-10-06 22:44:37 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL [2009-10-06 22:44:37 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll [2009-10-06 22:44:37 | 00,005,632 | R--- | C] 
(Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll [2009-10-06 22:44:36 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll [2009-10-06 22:44:36 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll [2009-10-06 22:44:36 | 00,085,532 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll [2009-10-06 22:44:36 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2009-10-06 22:44:36 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV [2009-10-06 22:44:36 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2009-10-06 22:44:36 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV [2009-10-06 22:44:35 | 00,127,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL [2009-10-06 22:44:35 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL [2009-10-06 22:44:35 | 00,073,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV [2009-10-06 22:44:35 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV [2009-10-06 22:44:35 | 00,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV [2009-10-06 22:44:35 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL [2009-10-06 22:44:35 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL [2009-10-06 22:44:35 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL [2009-10-06 22:44:35 | 00,009,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL [2009-10-06 22:44:35 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL [2009-10-06 22:44:35 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV [2009-10-06 22:44:35 | 00,003,360 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System\SYSTEM.DRV [2009-10-06 22:44:35 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV [2009-10-06 22:44:35 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV [2009-10-06 22:44:35 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV [2009-10-06 22:44:35 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK [2009-10-06 22:44:34 | 00,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV [2009-10-06 22:44:34 | 00,109,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL [2009-10-06 22:44:34 | 00,070,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL [2009-10-06 22:44:34 | 00,033,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL [2009-10-06 22:44:34 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE [2009-10-06 22:44:34 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys [2009-10-06 22:44:34 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll [2009-10-06 22:44:33 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll [2009-10-06 22:44:33 | 00,069,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL [2009-10-06 22:44:33 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\NOTEPAD.EXE [2009-10-06 22:43:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2 [2009-10-06 22:43:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot [2009-10-06 22:43:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings [2009-10-06 22:43:14 | 00,000,000 | -HSD | C] -- C:\System Volume Information [2009-10-06 22:38:18 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2009-10-06 22:38:18 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts [2009-10-06 22:38:18 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web [2009-10-06 
22:38:18 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2009-10-06 22:38:18 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp [2009-10-06 
22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1045 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32 [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\system [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\security [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\java [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime 
[2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins [2009-10-06 22:38:18 | 00,000,000 | ---D | C] -- C:\WINDOWS [2009-10-06 21:03:52 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Muzyka [2009-10-06 21:03:52 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy [2009-10-06 21:03:38 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll [2009-10-06 21:03:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2009-10-06 21:03:11 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft [2009-10-06 20:58:11 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2009-10-06 20:58:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2009-10-06 20:58:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTemp [2009-10-06 20:57:37 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2009-10-06 20:57:37 | 00,185,952 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2009-10-06 20:57:37 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2009-10-06 20:57:37 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2009-10-06 20:57:29 | 00,065,536 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx [2009-10-06 20:57:29 | 00,049,152 | ---- | C] (Apple Inc.) 
-- C:\WINDOWS\System32\QuickTime.qts [2009-10-06 20:57:22 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2009-10-06 20:57:22 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll [2009-10-06 20:57:13 | 00,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009-10-06 20:57:13 | 00,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009-10-06 20:57:13 | 00,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2009-10-06 20:57:13 | 00,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2009-10-06 20:56:21 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tzchange.exe [2009-10-06 20:56:14 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2009-10-06 20:56:13 | 00,062,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rspndr.sys [2009-10-06 20:56:13 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rspndr.exe [2009-10-06 20:56:05 | 00,013,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2009-10-06 20:55:21 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll [2009-10-06 20:55:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache [2009-10-06 20:53:48 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Obrazy [2009-10-06 20:53:19 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll [2009-10-06 20:53:15 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll [2009-10-06 20:53:12 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll [2009-10-06 20:53:12 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2009-10-06 20:53:09 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed [2009-10-06 20:53:07 | 00,382,464 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\qmgr.dll [2009-10-06 20:53:07 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll [2009-10-06 20:53:07 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll [2009-10-06 20:53:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll [2009-10-06 20:53:02 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll [2009-10-06 20:53:02 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll [2009-10-06 20:53:02 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll [2009-10-06 20:53:02 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll [2009-10-06 20:52:59 | 00,128,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fltMgr.sys [2009-10-06 20:52:59 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe [2009-10-06 20:52:59 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltlib.dll [2009-10-06 20:52:58 | 00,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll [2009-10-06 20:52:58 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll [2009-10-06 20:52:58 | 00,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys [2009-10-06 20:52:58 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll [2009-10-06 20:52:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore [2009-10-06 20:52:57 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll [2009-10-06 20:52:57 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll [2009-10-06 20:52:56 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll [2009-10-06 20:52:56 | 00,049,664 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\inetres.dll [2009-10-06 20:52:54 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll [2009-10-06 20:52:54 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe [2009-10-06 20:52:53 | 00,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll [2009-10-06 20:52:53 | 00,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll [2009-10-06 20:52:53 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll [2009-10-06 20:52:53 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll [2009-10-06 20:52:53 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll [2009-10-06 20:51:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration [2009-10-06 20:50:57 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe [2009-10-06 20:50:53 | 00,378,735 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2009-10-06 20:50:51 | 00,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll [2009-10-06 20:50:51 | 00,240,495 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2009-10-06 20:50:50 | 00,279,407 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe [2009-10-06 20:50:50 | 00,274,799 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe [2009-10-06 20:50:50 | 00,216,943 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe [2009-10-06 20:50:49 | 00,365,935 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe [2009-10-06 20:50:49 | 00,293,231 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe [2009-10-06 20:50:49 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe [2009-10-06 20:50:49 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe 
[2009-10-06 20:50:49 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe [2009-10-06 20:50:48 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe [2009-10-06 20:50:48 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe [2009-10-06 20:50:48 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe [2009-10-06 20:50:48 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe [2009-10-06 20:50:48 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe [2009-10-06 20:50:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe [2009-10-06 20:50:48 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll [2009-10-06 20:50:48 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe [2009-10-06 20:50:48 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe [2009-10-06 20:50:48 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe [2009-10-06 20:50:48 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll [2009-10-06 20:50:47 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll [2009-10-06 20:50:47 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe [2009-10-06 20:50:47 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll [2009-10-06 20:50:46 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll [2009-10-06 20:50:46 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll [2009-10-06 20:50:46 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll [2009-10-06 20:50:46 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll [2009-10-06 
20:50:46 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll [2009-10-06 20:50:40 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe [2009-10-06 20:50:40 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl [2009-10-06 20:50:39 | 00,598,895 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2009-10-06 20:50:39 | 00,337,775 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2009-10-06 20:50:39 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2009-10-06 20:50:39 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe [2009-10-06 20:50:38 | 00,699,759 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe [2009-10-06 20:50:38 | 00,139,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys [2009-10-06 20:50:38 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll [2009-10-06 20:50:38 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys [2009-10-06 20:50:38 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys [2009-10-06 20:50:37 | 01,894,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll [2009-10-06 20:50:37 | 00,874,863 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe [2009-10-06 20:50:37 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll [2009-10-06 20:50:37 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe [2009-10-06 20:50:36 | 00,296,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll [2009-10-06 20:50:36 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll [2009-10-06 20:50:36 | 00,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe 
[2009-10-06 20:50:36 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll [2009-10-06 20:50:36 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe [2009-10-06 20:50:36 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe [2009-10-06 20:50:36 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe [2009-10-06 20:50:36 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe [2009-10-06 20:50:36 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll [2009-10-06 20:50:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll [2009-10-06 20:50:35 | 00,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2009-10-06 20:50:35 | 00,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2009-10-06 20:50:35 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2009-10-06 20:50:35 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll [2009-10-06 20:50:35 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll [2009-10-06 20:50:35 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll [2009-10-06 20:50:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc [2009-10-06 20:50:34 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll [2009-10-06 20:50:34 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll [2009-10-06 20:50:34 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll [2009-10-06 20:50:34 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2009-10-06 20:50:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe [2009-10-06 20:50:34 | 
00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com [2009-10-06 20:50:33 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll [2009-10-06 20:50:33 | 00,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll [2009-10-06 20:50:33 | 00,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll [2009-10-06 20:50:33 | 00,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll [2009-10-06 20:50:32 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll [2009-10-06 20:50:26 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll [2009-10-06 20:50:26 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll [2009-10-06 20:50:26 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll [2009-10-06 20:50:26 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll [2009-10-06 20:50:22 | 00,196,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys [2009-10-06 20:50:22 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys [2009-10-06 20:50:21 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Muzyka [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\*.tmp files] [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2009-10-15 18:30:20 | 00,000,126 | RHS- | M] () -- C:\autorun.inf [2009-10-15 18:29:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-15 18:29:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-15 18:29:00 | 40,218,2144 | -HS- | M] () -- C:\hiberfil.sys [2009-10-15 18:27:21 | 03,215,512 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-15 18:18:12 | 00,677,231 | ---- | M] (OldTimer Tools) -- C:\Documents and 
Settings\Administrator\Pulpit\OTL.exe [2009-10-14 20:54:18 | 00,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-10-13 19:07:55 | 00,189,295 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe [2009-10-13 19:07:53 | 00,279,407 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe [2009-10-13 19:07:52 | 00,699,759 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe [2009-10-13 19:07:52 | 00,216,943 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe [2009-10-13 19:07:50 | 00,365,935 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe [2009-10-13 19:07:48 | 00,293,231 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe [2009-10-13 19:07:47 | 00,378,735 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2009-10-13 19:07:47 | 00,337,775 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2009-10-13 19:07:46 | 00,240,495 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2009-10-13 19:07:44 | 01,378,159 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe [2009-10-13 19:07:43 | 00,874,863 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe [2009-10-13 19:07:41 | 00,598,895 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2009-10-13 19:07:40 | 00,274,799 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe [2009-10-13 19:07:35 | 00,450,415 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe [2009-10-13 19:07:35 | 00,232,815 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe [2009-10-13 19:07:34 | 00,652,655 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe [2009-10-13 19:07:33 | 00,325,487 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mobsync.exe [2009-10-13 19:07:33 | 00,216,431 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\notepad.exe 
[2009-10-13 19:07:31 | 00,233,235 | RHS- | M] () -- C:\zPharaoh.exe [2009-10-13 16:41:41 | 00,000,169 | ---- | M] () -- C:\WINDOWS\RtlRack.ini [2009-10-07 20:24:46 | 00,001,666 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVR 3.lnk [2009-10-07 20:06:05 | 00,000,266 | ---- | M] () -- C:\WINDOWS\system.ini [2009-10-07 07:05:55 | 00,001,554 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Internet ADSL.lnk [2009-10-07 07:05:54 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD [2009-10-07 07:05:51 | 00,000,168 | ---- | M] () -- C:\WINDOWS\adidsl.ini [2009-10-07 07:05:10 | 00,001,094 | ---- | M] () -- C:\WINDOWS\adiras.ini [2009-10-07 07:05:10 | 00,000,033 | ---- | M] () -- C:\WINDOWS\System32\drivers\adidsl.cfg [2009-10-07 07:05:10 | 00,000,021 | ---- | M] () -- C:\WINDOWS\Fast800.ini [2009-10-07 07:05:04 | 00,000,836 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk [2009-10-07 06:10:48 | 00,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2009-10-06 21:04:45 | 00,937,572 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-10-06 21:04:45 | 00,433,262 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2009-10-06 21:04:45 | 00,377,840 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-10-06 21:04:45 | 00,065,484 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2009-10-06 21:04:45 | 00,051,494 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-10-06 21:02:53 | 00,093,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-10-06 21:01:51 | 00,001,078 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2009-10-06 20:55:47 | 00,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-10-06 20:55:47 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2009-10-06 20:55:47 | 00,000,000 | RHS- | M] () -- C:\IO.SYS [2009-10-06 20:55:47 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini [2009-10-06 20:55:47 | 00,000,000 | ---- 
| M] () -- C:\CONFIG.SYS [2009-10-06 20:55:47 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT [2009-10-06 20:55:44 | 00,000,507 | ---- | M] () -- C:\WINDOWS\win.ini [2009-10-06 20:55:37 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2009-10-06 20:55:37 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2009-10-06 20:55:36 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009-10-06 20:55:21 | 00,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2009-10-06 20:53:54 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009-10-06 20:53:54 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-10-06 20:51:58 | 00,021,856 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-10-06 20:51:39 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini [2009-10-06 20:51:39 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini [2009-10-06 20:49:06 | 00,000,211 | -HS- | M] () -- C:\boot.ini [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-07 20:20:28 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2009-10-07 20:06:06 | 00,233,235 | RHS- | C] () -- C:\zPharaoh.exe [2009-10-07 20:06:06 | 00,000,126 | RHS- | C] () -- C:\autorun.inf [2009-10-07 07:05:54 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD [2009-10-07 07:05:54 | 00,001,554 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Internet ADSL.lnk [2009-10-07 07:05:10 | 
00,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2009-10-07 07:05:10 | 00,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2009-10-07 07:05:04 | 00,000,836 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk [2009-10-07 07:05:03 | 00,253,008 | ---- | C] () -- C:\WINDOWS\adirasx64.exe [2009-10-07 07:05:03 | 00,194,128 | ---- | C] () -- C:\WINDOWS\adiras.exe [2009-10-07 07:05:03 | 00,001,094 | ---- | C] () -- C:\WINDOWS\adiras.ini [2009-10-07 07:05:02 | 00,127,456 | ---- | C] () -- C:\WINDOWS\System32\IPDETECT.EXE [2009-10-07 07:05:01 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\adiusbawx64.cat [2009-10-07 07:05:01 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\adiusbaw.cat [2009-10-07 07:05:01 | 00,013,981 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4usbawx64.cat [2009-10-07 07:05:01 | 00,013,981 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4usbaw.cat [2009-10-07 07:04:59 | 00,176,128 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2009-10-07 07:04:59 | 00,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P2.BIN [2009-10-07 07:04:58 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2009-10-07 07:04:58 | 00,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe [2009-10-07 07:04:58 | 00,012,403 | ---- | C] () -- C:\WINDOWS\System32\drivers\adildrx64.cat [2009-10-07 07:04:58 | 00,012,403 | ---- | C] () -- C:\WINDOWS\System32\drivers\adildr.cat [2009-10-07 07:04:58 | 00,011,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4ldrx64.cat [2009-10-07 07:04:58 | 00,011,399 | ---- | C] () -- C:\WINDOWS\System32\drivers\e4ldr.cat [2009-10-07 07:04:57 | 00,261,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldep3.bnm [2009-10-07 07:04:57 | 00,261,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldep1.bnm [2009-10-07 07:04:57 | 00,261,926 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldei1.bnm [2009-10-07 07:04:57 | 00,261,926 | ---- | C] () -- 
C:\WINDOWS\System32\drivers\RTBLD3p0.BNM [2009-10-07 07:04:57 | 00,261,918 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTBLD3p3.BNM [2009-10-07 07:04:57 | 00,261,918 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTBLD3p1.BNM [2009-10-07 07:04:57 | 00,261,916 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldep0.bnm [2009-10-07 07:04:57 | 00,261,916 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldei0.bnm [2009-10-07 07:04:57 | 00,261,914 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldei2.bnm [2009-10-07 07:04:57 | 00,261,908 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldei3.bnm [2009-10-07 07:04:57 | 00,261,900 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTBLD3p2.BNM [2009-10-07 07:04:57 | 00,261,892 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldep2.bnm [2009-10-07 07:04:57 | 00,081,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldep4.bnm [2009-10-07 07:04:57 | 00,078,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbldei4.bnm [2009-10-07 07:04:57 | 00,055,228 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld4.bnm [2009-10-07 07:04:57 | 00,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2009-10-07 07:04:57 | 00,022,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTBLD3p4.BNM [2009-10-07 07:04:56 | 00,261,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld3.bnm [2009-10-07 07:04:56 | 00,261,932 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld0.bnm [2009-10-07 07:04:56 | 00,261,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld2.bnm [2009-10-07 07:04:56 | 00,261,894 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld1.bnm [2009-10-07 07:04:56 | 00,152,220 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I2.BIN [2009-10-07 07:04:56 | 00,152,220 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I1.BIN [2009-10-07 07:04:56 | 00,152,220 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I0.BIN [2009-10-07 07:04:56 | 00,152,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P2.BIN [2009-10-07 07:04:56 | 
00,152,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P1.BIN [2009-10-07 07:04:56 | 00,152,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P0.BIN [2009-10-07 07:04:56 | 00,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P0.BIN [2009-10-07 07:04:56 | 00,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I2.BIN [2009-10-07 07:04:56 | 00,152,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D2.BIN [2009-10-07 07:04:56 | 00,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D1.BIN [2009-10-07 07:04:56 | 00,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D0.BIN [2009-10-07 07:04:56 | 00,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2009-10-07 07:04:56 | 00,000,033 | ---- | C] () -- C:\WINDOWS\System32\drivers\adidsl.cfg [2009-10-07 07:04:55 | 00,261,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9i1.bnm [2009-10-07 07:04:55 | 00,261,962 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9p3.bnm [2009-10-07 07:04:55 | 00,261,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9p1.bnm [2009-10-07 07:04:55 | 00,261,930 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9p0.bnm [2009-10-07 07:04:55 | 00,261,926 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9p2.bnm [2009-10-07 07:04:55 | 00,261,918 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9i2.bnm [2009-10-07 07:04:55 | 00,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P1.BIN [2009-10-07 07:04:55 | 00,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I1.BIN [2009-10-07 07:04:55 | 00,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I0.BIN [2009-10-07 07:04:55 | 00,053,590 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9i4.bnm [2009-10-07 07:04:55 | 00,041,620 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9p4.bnm [2009-10-07 07:04:54 | 00,261,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtbld9i0.bnm [2009-10-07 07:03:22 | 00,028,672 | R--- | C] () -- C:\WINDOWS\System32\adinst32.dll 
[2009-10-07 06:13:55 | 00,001,666 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\InterVideo WinDVR 3.lnk [2009-10-07 06:13:36 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2009-10-07 06:13:36 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2009-10-07 06:13:36 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2009-10-07 06:13:35 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2009-10-07 06:13:35 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2009-10-07 06:13:35 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2009-10-07 06:11:26 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2009-10-07 06:10:47 | 00,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\AvRack.lnk [2009-10-07 06:10:47 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2009-10-07 06:10:36 | 00,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav [2009-10-07 06:10:32 | 00,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009-10-06 22:44:45 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls [2009-10-06 22:44:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls [2009-10-06 22:44:45 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls [2009-10-06 22:44:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls [2009-10-06 22:44:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls [2009-10-06 22:44:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls [2009-10-06 22:44:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls [2009-10-06 22:44:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls [2009-10-06 22:44:43 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls [2009-10-06 22:44:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls [2009-10-06 22:44:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls 
[2009-10-06 22:44:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls [2009-10-06 22:44:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls [2009-10-06 22:44:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls [2009-10-06 22:44:34 | 00,001,734 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2009-10-06 22:44:22 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2009-10-06 22:43:13 | 00,093,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-10-06 22:42:08 | 00,000,211 | -HS- | C] () -- C:\boot.ini [2009-10-06 22:42:02 | 00,001,078 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf [2009-10-06 21:16:01 | 03,215,512 | -H-- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-06 21:03:23 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\desktop.ini [2009-10-06 21:03:12 | 00,000,006 | -H-- | C] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-06 21:03:06 | 40,218,2144 | -HS- | C] () -- C:\hiberfil.sys [2009-10-06 21:01:43 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009-10-06 20:55:47 | 00,002,596 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT [2009-10-06 20:55:47 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2009-10-06 20:55:47 | 00,000,000 | RHS- | C] () -- C:\IO.SYS [2009-10-06 20:55:47 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS [2009-10-06 20:55:47 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT [2009-10-06 20:55:37 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb [2009-10-06 20:55:37 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb [2009-10-06 20:55:36 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx [2009-10-06 20:53:54 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2009-10-06 20:53:54 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | C] () -- 
C:\WINDOWS\WindowsShell.Manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2009-10-06 20:53:48 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2009-10-06 20:51:58 | 00,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2009-10-06 20:50:52 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce [2009-10-06 20:50:51 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce [2009-10-06 20:50:51 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce [2009-10-06 20:50:51 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce [2009-10-06 20:50:51 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce [2009-10-06 20:50:51 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce [2009-10-06 20:50:51 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce [2009-10-06 20:50:51 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce [2009-10-06 20:50:49 | 00,001,225 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd [2009-10-06 20:50:48 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h [2009-10-06 20:50:47 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h [2009-10-06 20:50:41 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc [2004-07-17 13:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-07-22 02:16:20 | 00,000,507 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 02:15:52 | 00,000,266 | ---- | C] () -- C:\WINDOWS\system.ini < End of report > [/log]
After this scan I can't run some exe files, e.g. Flash Desinfector or OTL; a message is displayed saying that the directory name is invalid.
Psycholandia commented 16 October 2009

Paste the script below into the OTL window and click Run Fix:

[code]:Processes
explorer.exe

:OTL
O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - G:\AutoRun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\AutoRun\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\explore\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\open\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()

:Files
C:\Qoobox
C:\RECYCLER
C:\autorun.inf
D:\autorun.inf
G:\autorun.inf
H:\autorun.inf
I:\autorun.inf
C:\zPharaoh.exe
D:\zPharaoh.exe
G:\zPharaoh.exe
H:\zPharaoh.exe
I:\zPharaoh.exe
C:\WINDOWS\adirasx64.exe
C:\WINDOWS\adiras.exe
C:\WINDOWS\adiras.ini

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Open Notepad and paste the following text into it:

[code]Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]
[/code]

Save As -> choose [b]All files[/b] -> enter [b]Fix.reg[/b] -> then click the saved file and restart the computer.

Carry out: http://support.microsoft.com/kb/310405/pl

Scan the computer with this: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url], remove everything it finds and post the log after the removal (the log from Malware).
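The O32 and O33 entries that the fix script above targets can be read mechanically. The following is an added example, not part of the original post and not OTL's own code: a parser for those two line types plus three triage heuristics, which are assumptions of this example. The sample lines are copied from the script in the post.

```python
import re
from collections import defaultdict

# Four O32/O33 lines copied from the fix script in the post above.
SAMPLE = r'''
O32 - AutoRun File - [2009-10-15 18:29:44 | 00,000,126 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009-10-15 18:29:46 | 00,000,126 | RHS- | M] () - G:\AutoRun.inf -- [ FAT32 ]
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\AutoRun\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()
O33 - MountPoints2\{e1493080-b36b-11de-b812-806d6172696f}\Shell\open\command - "" = G:\zPharaoh.exe -- [2009-10-01 19:25:26 | 00,233,465 | RHS- | M] ()
'''

# "[timestamp | size | attributes | flag]" block shared by both line types.
META = r"\[[^|\]]+\|\s*([\d,]+)\s*\|\s*([A-Z-]{4})\s*\|[^\]]*\]"
O32 = re.compile(r"^O32 - AutoRun File - " + META + r" \(.*?\) - (\S.*?) -- \[ (\w+) \]$")
O33 = re.compile(r'^O33 - MountPoints2\\([^\\]+)\\Shell\\([^\\]+)\\command - "[^"]*" = (.+?) -- ' + META)

def parse(text):
    """Return (autorun_files, mountpoints) extracted from OTL O32/O33 lines."""
    files, mounts = [], defaultdict(dict)
    for line in map(str.strip, text.splitlines()):
        if m := O32.match(line):
            size, attrs, path, fs = m.groups()
            files.append({"path": path, "size": int(size.replace(",", "")),
                          "attrs": attrs, "fs": fs})
        elif m := O33.match(line):
            guid, verb, target, _size, attrs = m.groups()
            mounts[guid][verb.lower()] = {"target": target, "attrs": attrs}
    return files, dict(mounts)

def triage(files, mounts):
    """Heuristic flags (assumptions of this example, not OTL verdicts)."""
    findings, by_size = [], defaultdict(set)
    for f in files:
        # An autorun.inf marked both Hidden and System is trying not to be seen.
        if "H" in f["attrs"] and "S" in f["attrs"]:
            findings.append(("hidden-system-autorun", f["path"]))
        by_size[f["size"]].add(f["path"][:2].upper())
    for size, drives in by_size.items():
        # The same file size on several drives suggests one file copied around.
        if len(drives) > 1:
            findings.append(("same-size-on-many-drives", f"{size} bytes on {sorted(drives)}"))
    for guid, verbs in mounts.items():
        # Double-click (open) or Explore on the volume starts a program instead.
        hit = sorted(v for v in ("open", "explore") if v in verbs)
        if hit:
            findings.append(("shell-verb-redirect", f"{guid}: {hit} -> {verbs[hit[0]]['target']}"))
    return findings
```

Calling `triage(*parse(SAMPLE))` returns the findings as `(kind, detail)` tuples, so the same functions can be pointed at the O32/O33 section of a full OTL log.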
Guest commented 16 October 2009 (edited)

Removing it with OTL will achieve nothing! Use [url=http://www.forumpc.pl/index.php?showtopic=120614&st=0&p=837303&fromsearch=1&#entry837303][b][color=blue][u]ComboFix[/u][/color][/b][/url] and paste the logs from [b]BOTH[/b] computers.
rafal-39 (author) commented 17 October 2009

OK, I'll try ComboFix. I noticed that after OTL it does go back to how it was before. I still can't deal with the pendrive, though: the file zpharoh.exe keeps trying to run all the time, and the file 1.taz over and over. I've already sorted out one of the computers: a format, and everything works as it should.