dziuram utworzono 15 października 2009 utworzono 15 października 2009 [log]OTL logfile created on: 2009-10-15 19:58:26 - Run 2 OTL by OldTimer - Version 3.0.21.0 Folder = D:\ Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 71,43% Memory free 3,85 Gb Paging File | 3,41 Gb Available in Paging File | 88,63% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 50,00 Gb Total Space | 26,14 Gb Free Space | 52,28% Space Free | Partition Type: NTFS Drive D: | 415,75 Gb Total Space | 356,06 Gb Free Space | 85,64% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: GIDRAN-3D0C1E03 Current User Name: Gidi Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: On Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-10-15 19:55:13 | 00,521,216 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2009-10-15 19:52:14 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe PRC - [2009-10-15 09:09:24 | 00,487,936 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe PRC - [2009-10-14 06:21:06 | 02,337,744 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\Toolbar\CToolbar.exe PRC - [2009-10-11 00:03:42 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe PRC - [2009-04-23 15:51:38 | 00,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe PRC - [2007-06-28 18:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2007-04-12 11:33:10 | 16,132,608 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2006-11-16 19:04:20 | 00,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006-11-16 18:58:32 | 00,884,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2006-10-24 10:07:22 | 00,368,640 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFTVFM\WFWIZ.exe PRC - [2006-10-19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe PRC - [2006-07-30 19:00:00 | 00,098,304 | R--- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe PRC - [2004-12-13 04:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-10-15 09:09:24 | 00,487,936 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv [Auto | Running]) SRV - [2009-06-11 19:40:46 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Stopped]) SRV - [2007-06-28 18:43:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running]) SRV - [2006-11-10 19:18:02 | 00,774,144 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped]) SRV - [2006-10-19 13:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running]) SRV - [2004-12-13 04:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running]) SRV - [2004-08-11 01:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wdfmgr.exe -- (UMWdf [Auto | Running]) SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2003-07-28 20:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found -- -- (catchme [On_Demand | Running]) DRV - [2009-10-15 09:09:24 | 00,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2 [System | Running]) DRV - [2009-05-25 07:24:49 | 00,721,904 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running]) DRV - [2009-05-07 21:51:33 | 00,015,600 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\gdrv.sys -- (gdrv [On_Demand | Stopped]) DRV - [2008-08-20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running]) DRV - [2007-06-28 18:43:00 | 06,807,328 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2007-04-23 12:12:28 | 04,402,176 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2007-03-01 10:05:38 | 00,090,496 | R--- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp [On_Demand | Running]) DRV - [2006-04-20 08:50:34 | 00,059,776 | R--- | M] (Leadtek Research Inc.) -- C:\WINDOWS\System32\drivers\wf2kvcap.sys -- (BT848 [Auto | Running]) DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2005-01-06 16:55:38 | 00,009,446 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS -- (WFIOCTL [On_Demand | Running]) DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2001-08-18 00:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IE - HKU\S-1-5-21-1801674531-789336058-725345543-1003\S-1-5-21-1801674531-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4 FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-11 19:40:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2009-10-15 09:09:54 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox 3.5 Beta 4\components [2009-10-11 00:03:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.5 Beta 4\plugins [2009-10-11 00:03:46 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-05-07 23:06:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\mozilla\Extensions [2009-05-07 23:06:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-10-15 19:55:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\mozilla\Firefox\Profiles\bsv8gs3u.default\extensions [2009-05-25 07:27:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\mozilla\Firefox\Profiles\bsv8gs3u.default\extensions\DTToolbar@toolbarnet.com [2009-05-25 07:27:06 | 00,002,399 | ---- | M] () -- C:\Documents and Settings\Gidi\Dane aplikacji\Mozilla\FireFox\Profiles\bsv8gs3u.default\searchplugins\daemon-search.xml O1 HOSTS File: (4504 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: <!-- Colubris --> O1 - Hosts: <!-- Default --> O1 - Hosts: <?xml version="1.0" encoding="UTF-8" ?> O1 - Hosts: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" O1 - Hosts: "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> O1 - Hosts: <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> O1 - Hosts: <!-- iPass O1 - Hosts: <WISPAccessGatewayParam> O1 - Hosts: <Redirect> O1 - Hosts: <MessageType>100</MessageType> O1 - Hosts: <ResponseCode>0</ResponseCode> O1 - Hosts: <AccessProcedure>1.0</AccessProcedure> O1 - Hosts: <LocationName>Colubris Networks</LocationName> O1 - Hosts: <AccessLocation>00:02:6F:06:25:A0</AccessLocation> O1 - Hosts: <LoginURL>https://cn3000.wireless.colubris.com:8090/goform/HtmliPassLoginRequest</LoginURL> O1 - Hosts: <AbortLoginURL>http://cn3000.wireless.colubris.com:8080/goform/HtmliPassLogout</AbortLoginURL> O1 - Hosts: </Redirect> O1 - Hosts: </WISPAccessGatewayParam> O1 - Hosts: --> O1 - Hosts: <!-- O1 - Hosts: ******************************************************************************* O1 - Hosts: O1 - Hosts: I M P O R T A N T O1 - Hosts: - - - - - - - - - O1 - Hosts: O1 - Hosts: 107 more lines... O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Pasek &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com) O3 - HKU\S-1-5-21-1801674531-789336058-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Hewlett-Packard) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.) O4 - HKU\S-1-5-21-1801674531-789336058-725345543-1003..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-1801674531-789336058-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-1801674531-789336058-725345543-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1801674531-789336058-725345543-1003..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1801674531-789336058-725345543-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1801674531-789336058-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1801674531-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1801674531-789336058-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Crawler Search - File not found O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Gidi/USTAWI~1/Temp/msohtml1/01/clip_image001.jpg O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-10-15 08:21:38 | 00,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-05-12 17:48:10 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-05-12 17:48:10 | 00,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{abb70a28-a233-11de-a4b0-001a4d572ccd}\Shell\AutoRun\command - "" = G:\SEVERINA\\aleluja.exe -- File not found O33 - MountPoints2\{abb70a28-a233-11de-a4b0-001a4d572ccd}\Shell\explore\command - "" = G:\SEVERINA\aleluja.exe -- File not found O33 - MountPoints2\{abb70a28-a233-11de-a4b0-001a4d572ccd}\Shell\open\command - "" = G:\SEVERINA\aleluja.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [3 C:\WINDOWS\*.tmp files] [2009-10-15 09:09:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spyware Terminator [2009-10-15 09:09:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Dane aplikacji\Spyware Terminator [2 C:\Documents and Settings\Gidi\Pulpit\*.tmp files] [2009-10-15 09:09:27 | 00,000,000 | ---D | C] -- C:\Program Files\Crawler [2009-10-15 09:09:20 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator [2009-10-15 19:52:14 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2009-10-15 19:52:10 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Gidi\Pulpit\HJTInstall.exe [2009-10-15 18:52:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\Tunel podziemny połączony z pomieszczeniem [2009-10-15 18:40:56 | 00,000,000 | -HSD | C] -- C:\RECYCLER [2009-10-15 18:36:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\zdjecia do cwiczen [2009-10-15 18:36:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\na koszarach [2009-10-15 18:33:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\wycinka drzew podział [2009-10-15 18:31:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\grill podziałowy [2009-10-15 18:03:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp [2009-10-15 13:35:49 | 00,000,000 | RHSD | C] -- C:\cmdcons [2009-10-15 08:15:26 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2009-10-15 08:15:26 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2009-10-15 08:15:26 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2009-10-15 08:15:26 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2009-10-15 08:09:38 | 00,000,000 | ---D | C] -- C:\Qoobox [2009-10-14 16:46:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2009-10-11 23:27:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\ppozz [2009-10-10 13:51:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\Raporty [2009-10-09 17:20:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\Nat [2009-10-02 10:52:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\prace [2009-09-25 18:52:20 | 00,000,000 | ---D | C] -- C:\Call of Duty 2 [2009-09-25 18:35:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Gidi\Pulpit\Zawody 2009 [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [4 D:\Moje Dokumenty\*.tmp files] [2 C:\Documents and Settings\Gidi\Pulpit\*.tmp files] [2009-10-15 19:52:25 | 00,004,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-10-15 19:52:14 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Gidi\Pulpit\HijackThis.lnk [2009-10-15 19:49:45 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Gidi\Pulpit\HJTInstall.exe [2009-10-15 19:46:30 | 00,096,768 | ---- | M] () -- C:\Documents and Settings\Gidi\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-15 18:03:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-10-15 18:02:39 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-10-15 13:35:52 | 00,000,281 | RHS- | M] () -- C:\boot.ini [2009-10-15 13:30:59 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2009-10-15 13:29:57 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-10-15 13:28:56 | 06,399,882 | -H-- | M] () -- C:\Documents and Settings\Gidi\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-10-15 09:09:24 | 00,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2009-10-15 08:21:38 | 00,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT [2009-10-15 08:14:14 | 03,339,138 | R--- | M] () -- C:\Documents and Settings\Gidi\Pulpit\ComboFix.exe [2009-10-15 00:36:07 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2009-10-13 22:41:13 | 00,034,304 | ---- | M] () -- C:\Documents and Settings\Gidi\Pulpit\Przebieg realizacji działań ratowniczo gaśniczych DZK.doc [2009-10-13 12:55:26 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-10-11 14:32:46 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-10-11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe [2009-10-09 16:29:35 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\Gidi\Pulpit\.JPG.sha [2009-10-04 17:27:58 | 01,993,495 | ---- | M] () -- C:\Documents and Settings\Gidi\Pulpit\MOV00045.MP4 [2009-09-29 17:17:58 | 00,000,549 | ---- | M] () -- C:\WINDOWS\win.ini [2009-09-25 07:58:06 | 00,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet.dll [2009-09-25 07:58:06 | 00,664,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2009-09-25 07:58:06 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon.dll [2009-09-25 07:58:06 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2009-09-25 07:58:06 | 00,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shlwapi.dll [2009-09-25 07:58:06 | 00,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll [2009-09-25 07:58:05 | 01,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\shdocvw.dll [2009-09-25 07:58:05 | 01,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll [2009-09-25 07:58:05 | 00,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2009-09-25 07:58:05 | 00,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2009-09-25 07:58:05 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll [2009-09-25 07:58:05 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll [2009-09-25 07:58:05 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll [2009-09-25 07:58:05 | 00,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll [2009-09-25 07:58:04 | 03,084,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll [2009-09-25 07:58:04 | 03,084,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2009-09-25 07:58:04 | 00,449,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmled.dll [2009-09-25 07:58:04 | 00,449,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2009-09-25 07:58:03 | 01,055,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll [2009-09-25 07:58:03 | 01,055,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll [2009-09-25 07:58:03 | 00,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll [2009-09-25 07:58:03 | 00,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll [2009-09-25 07:58:03 | 00,251,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2009-09-25 07:58:03 | 00,251,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2009-09-25 07:58:03 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll [2009-09-25 07:58:03 | 00,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll [2009-09-25 07:58:03 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll [2009-09-25 07:58:03 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll [2009-09-25 07:58:03 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2009-09-25 07:58:03 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2009-09-25 07:58:03 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\extmgr.dll [2009-09-25 07:58:03 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll [2009-09-25 07:58:03 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2009-09-25 07:58:03 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2009-09-25 07:58:02 | 01,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll [2009-09-25 07:58:02 | 01,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browseui.dll [2009-09-25 07:58:02 | 00,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll [2009-09-25 07:58:02 | 00,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdfview.dll [2009-09-25 07:45:02 | 00,370,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec [2009-09-19 08:11:15 | 00,044,032 | ---- | M] () -- D:\Moje Dokumenty\ROZDZIAŁ XXIX.doc [2009-09-18 12:05:18 | 00,370,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll [2009-09-18 11:56:10 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe [color=#E56717]========== Files - No Company Name ==========[/color] [2009-10-15 19:52:14 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Gidi\Pulpit\HijackThis.lnk [2009-10-15 09:09:24 | 00,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2009-10-15 08:15:26 | 00,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009-10-15 08:15:26 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009-10-15 08:15:26 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009-10-15 08:15:26 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009-10-15 08:09:47 | 03,339,138 | R--- | C] () -- C:\Documents and Settings\Gidi\Pulpit\ComboFix.exe [2009-10-13 14:54:02 | 00,034,304 | ---- | C] () -- C:\Documents and Settings\Gidi\Pulpit\Przebieg realizacji działań ratowniczo gaśniczych DZK.doc [2009-10-11 17:27:28 | 01,993,495 | ---- | C] () -- C:\Documents and Settings\Gidi\Pulpit\MOV00045.MP4 [2009-10-09 16:29:35 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\Gidi\Pulpit\.JPG.sha [2009-09-19 08:11:15 | 00,044,032 | ---- | C] () -- D:\Moje Dokumenty\ROZDZIAŁ XXIX.doc [2009-09-01 18:52:33 | 00,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2009-08-05 10:19:25 | 00,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2009-05-25 07:24:49 | 00,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009-05-14 22:21:04 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-05-08 18:40:25 | 00,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-05-08 17:43:43 | 00,106,496 | R--- | C] () -- C:\WINDOWS\System32\vshp1018.dll [2009-05-08 13:31:58 | 00,000,145 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-05-08 09:44:57 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-05-08 09:41:14 | 00,096,768 | ---- | C] () -- C:\Documents and Settings\Gidi\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-05-08 01:02:33 | 00,001,372 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2009-05-07 22:50:13 | 00,017,464 | ---- | C] () -- C:\Documents and Settings\Gidi\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2009-05-07 21:47:25 | 06,399,882 | -H-- | C] () -- C:\Documents and Settings\Gidi\Ustawienia lokalne\Dane aplikacji\IconCache.db [2009-05-07 21:43:54 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Gidi\Dane aplikacji\desktop.ini [2009-05-07 06:11:00 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini [2007-06-28 18:43:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-06-28 18:43:00 | 01,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-06-28 18:43:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-06-28 18:43:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-06-28 18:43:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004-07-17 11:36:38 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2001-07-22 01:16:20 | 00,000,549 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-22 01:15:52 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [color=#E56717]========== LOP Check ==========[/color] [2009-10-15 09:09:22 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji [2009-05-25 07:27:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2009-05-07 23:31:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2009-10-15 12:47:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Spyware Terminator [2009-05-08 14:59:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2009-05-07 06:11:00 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Dane aplikacji [2009-10-15 09:09:23 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji [2009-06-14 14:40:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\Ahead [2009-08-14 23:53:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\BESTplayer [2009-05-25 12:53:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\DAEMON Tools Lite [2009-09-12 10:52:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\dvdcss [2009-05-08 00:54:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\Gadu-Gadu [2009-05-07 23:55:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\Nowe Gadu-Gadu [2009-05-07 23:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\OpenFM [2009-10-15 13:26:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Gidi\Dane aplikacji\Spyware Terminator [2009-05-24 12:35:33 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Gość\Dane aplikacji [2009-05-07 21:42:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji [2009-05-07 21:42:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji [2001-07-22 01:17:50 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009-10-15 18:03:17 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009-10-15 13:30:59 | 00,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 68 bytes -> C:\WINDOWS\win.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xpsp2res.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\xpsp1res.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wzcsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauserv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wshtcpip.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wscsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wscntfy.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wlnotify.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wldap32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wintrust.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winsta.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winspool.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winscard.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmm.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winlogon.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wininet(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winhttp(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webclnt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\webcheck.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdmaud.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wbem\WMIsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w32time.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\version.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\userenv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\urlmon(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\url.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\upnp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\umpnpmgr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\trkwks.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\themeui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\termsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tapi32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sxs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stobject.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole2.tlb:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ssdpsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ssdpapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srvsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\srsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\spoolsv.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\smss.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shlwapi(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shimeng.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shgina.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shfolder.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shell32(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shdoclc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sfc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sensapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sens.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\secur32(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\seclogon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\schedsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\scesrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\scecli.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\samsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\samlib.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rundll32.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rtutils.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsaenh.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched20.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regsvr32.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\regapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rastls.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasman.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasdlg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\raschap.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasapi32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pstorsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psbase.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\profmap.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\powrprof.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaut32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ole32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbcint.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\odbc32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oakley.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwiz.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvsvc32.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvrspl.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NvMcTray.DLL:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvdisps.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nvcplui.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NvCpl.DLL:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nv4_disp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntshrui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntlanman.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netui1.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netui0.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netman.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netlogon.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nddeapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ncobjapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3(3).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msvcrt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mstlsapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msprivs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mspatcha.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msls31.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSIMTF.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgina.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSCTF.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mprapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mlang.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\midimap.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lsass.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logonui.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lmhsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\linkinfo.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ksuser.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jscript(2).dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsecsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipnathlp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iphlpapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imm32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imapi.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imagehlp.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icaapi.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetcfg.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventlog.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\esent.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ersvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\duser.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dssenh.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drprov.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DRIVERS\nv4_mini.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\kmixer.sys:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dnsrslvr.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmserver.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dhcpcsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\desk.cpl:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\davclnt.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrss.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrsrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cscui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptdll.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\crypt32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\credui.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comsvcs.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comres.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comdlg32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cfgmgr32.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\certcli.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cabinet.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browser.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\batmeter.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\basesrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\authz.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\audiosrv.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\alg.exe:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adsldpc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\actxprxy.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\activeds.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Gidi\Menu Start\Programy\Autostart\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Gidi\Dane aplikacji\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\desktop.ini:KAVICHS @Alternate Data Stream - 68 bytes -> C:\Documents and Settings\All Users\Dokumenty\desktop.ini:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wzcsapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshpl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshext.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ws2help.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ws2_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wow32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winrnr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winipsec.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win32spl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbem\wmiapsrv.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\watchdog.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usp10.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\userinit.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usbmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ups.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\untfs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ulib.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tourstart.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsvr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syssetup.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysdm.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sti_ci.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\srrstr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\srclient.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spoolss.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spider.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sorttbls.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\smlogsvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sl_anet.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shmgrate.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfcfiles.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc_os.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sessmgr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdhcinst.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sclgntfy.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SCardSvr.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runonce.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\resutils.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\remotepg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rcbdyctl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasadhlp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pstorec.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\progman.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pjlmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olepro32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oledlg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecnv32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwssr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwss.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwsapps.xml:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrszht.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrszhc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrstr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrssv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrssl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrssk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsru.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsptb.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrspt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrspl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsno.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsnl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsko.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsja.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsit.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrshu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrshe.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsfr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsfi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsesm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrses.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrseng.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsel.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsde.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsda.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrscs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwrsar.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwimg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwdmcpl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvwddi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvvitvsr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvvitvs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NVUNINST.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvucode.bin:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvtuicpl.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvshell.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrszht.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrszhc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrstr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrssv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrssl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrssk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsru.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsptb.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrspt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsno.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsnl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsko.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsja.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsit.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrshu.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrshe.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsfr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsfi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsesm.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrses.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrseng.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsel.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsde.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsda.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrscs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvrsar.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvoglnt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvnt4cpl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvmoblsr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvmobls.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvmccssr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvmccss.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvmccsrs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvmccs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nview.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvgamesr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvgames.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvexpbar.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvdspsch.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvdispsr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcpluir.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcpl.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcolor.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcodins.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvcod.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvappbar.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nvapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntvdm.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmarta.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdsapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\notepad.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\newdev.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netrap.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netdde.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mydocs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxclu(3).dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidc32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp60.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstsc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrle32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msimg32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msidle.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshtml.tlb:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msh261.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msadp32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mnmsrvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmsys.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc42.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdminst.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\locator.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\locale.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l3codeca.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keystone.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jspl.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir50_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir41_32.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetpp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetcpl.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetcfg.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imgutil.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imaadp32.acm:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ie4uinit.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iccvid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iac25_32.ax:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetwiz.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hdwwiz.cpl:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hal.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\framebuf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wdmaud.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\wanarp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\videoprt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vga.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\usbuhci.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\usbprint.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbport.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\usbhub.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\usbehci.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\update.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\termdd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tdi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sysaudio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\swmidi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\swenum.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\sr.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\splitter.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sfloppy.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\serial.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\serenum.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\secdrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\redbook.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\rdpdr.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\RDPCDD.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\rdbss.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\raspti.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\raspptp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\raspppoe.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\rasl2tp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\rasacd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ptilink.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\psched.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\portcls.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\pciide.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\pci.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\parport.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\ohci1394.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\npfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\nic1394.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\netbt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\netbios.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ndproxy.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ndiswan.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ndisuio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ndistapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\mssmbios.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\MSPQM.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\MSPCLOCK.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\MSKSSRV.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\msgpc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\msfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\mrxdav.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\mouhid.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\mouclass.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\kbdclass.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\isapnp.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\irenum.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ipsec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ipnat.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ipinip.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\intelppm.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\imapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\i8042prt.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Drivers\HTTP.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\hidusb.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\hidparse.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\hidclass.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\HDAudBus.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\ftdisk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\fltMgr.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\flpydisk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fips.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\fdc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxg.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\drmkaud.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\drmk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\DMusic.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dmio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dmboot.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\disk.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\cdrom.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdfs.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\audstub.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\atmarpc.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\atapi.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\asyncmac.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRIVERS\arp1394.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\aec.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\system32\DRIVERS\ACPI.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpcdll.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmadmin.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhost.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nv4_mini.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\nv4_disp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcopy.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\devmgr.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskperf.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddrawex.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddraw.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dciman32.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3d9.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3d8thk.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CTFMON.EXE:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cryptnet.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compatUI.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnbjmon.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clusapi.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clipsrv.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\clbcatq.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cisvc.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bthci.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\browselc.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\batt.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autochk.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\setupapi.log.0.old:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\setupact.log:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\regedit.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\gdrv.sys:KAVICHS @Alternate Data Stream - 36 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Program Files\Messenger\msmsgs.exe:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll:KAVICHS @Alternate Data Stream - 36 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini:KAVICHS @Alternate Data Stream - 132 bytes -> C:\WINDOWS\DirectX.log:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wtsapi32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wsock32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\uxtheme.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shsvcs.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\setupapi.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netshell.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netapi32(3).dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cscdll.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\comctl32.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\apphelp.dll:KAVICHS @Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\advpack.dll:KAVICHS < End of report >[/log]
Psycholandia komentarz 15 października 2009 komentarz 15 października 2009 W okienko OTL wklej poniższy skrypt i klik na Run Fix: [code]:Processes explorer.exe :OTL O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-1801674531-789336058-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O32 - AutoRun File - [2009-05-12 17:48:10 | 00,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-05-12 17:48:10 | 00,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ] :Files C:\Program Files\DAEMON Tools Toolbar C:\RECYCLER (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe C:\WINDOWS\SWREG.exe C:\WINDOWS\SWSC.exe C:\WINDOWS\NIRCMD.exe C:\Qoobox C:\WINDOWS\PEV.exe C:\WINDOWS\PEV.exe C:\WINDOWS\sed.exe C:\WINDOWS\grep.exe C:\WINDOWS\zip.exe C:\WINDOWS\Tasks\WGASetup.job :Commands [emptytemp] [start explorer] [Reboot][/code] Otwórz notatnik tekstowy i wklej do niego poniższy tekst: [code]Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] [/code] Zapisz jako->Wybierz [b]Wszystkie pliki[/b]->wpisz [b]Fix.reg[/b]->Następnie kliknij na zapisany plik i uruchom komputer ponownie. Przeskanuj komputer tym: [url="http://www.programosy.pl/program,malwarebytes-anti-malware.html"]Malware[/url] usuń wszystko co znajdzie i daj loga po kasowaniu (loga z Malware) Jaki powód dawania loga?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.