2 Problems, viruses

Sidoxy

Hello. I have TWO problems that have been bothering me for over half a year:

* Problem Number One: "Folder Options / Show hidden files and folders"
- The problem is that the files I once had HIDDEN are now hidden for good, because when I change the setting in "Folder Options" from "Do not show hidden files and folders" to "Show hidden files and folders", it does not turn on at all: after I press the "Apply" button, everything reverts in the blink of an eye to the setting that files are to be hidden.

** Problem Number Two: "My Documents opening automatically at system startup"
- So this problem looks as follows: after I turn on the computer, My Documents opens right away even though I don't open it. I don't know what is causing it, but it has been like this for some time and it is slowly becoming irritating, so I would ask you Experts for help :)


I have already scanned the computer many times with antivirus programs: Avast and Kaspersky. Despite the viruses being removed, I still have the same problems :) Please help :) Regards


I have a log made with the OTL program
[log]OTL logfile created on: 2010-07-28 15:03:04 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\Warzych\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

751,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 50,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 360 720 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,92 Gb Total Space | 2,70 Gb Free Space | 4,83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LIPI-B0BE458B0A
Current User Name: Warzych
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-07-28 15:01:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Warzych\Pulpit\OTL.exe
PRC - [2010-07-24 21:35:27 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-24 21:35:23 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-04-14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-04-14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009-11-30 00:19:41 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-12-29 12:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008-11-21 11:15:30 | 006,890,088 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Nowe Gadu-Gadu\gg.exe
PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2006-03-02 14:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-02 14:00:00 | 000,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2006-03-02 14:00:00 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2006-03-02 14:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2006-03-02 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2006-03-02 14:00:00 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2006-03-02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2006-03-02 14:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2006-03-02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [BTHSVCS]
PRC - [2006-03-02 14:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2006-03-02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2006-03-02 14:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2006-01-19 17:54:34 | 000,925,696 | ---- | M] ( ) -- C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-07-28 15:01:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Warzych\Pulpit\OTL.exe
MOD - [2006-03-02 14:00:00 | 008,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2006-03-02 14:00:00 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2006-03-02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2006-03-02 14:00:00 | 001,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2006-03-02 14:00:00 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2006-03-02 14:00:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2006-03-02 14:00:00 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2006-03-02 14:00:00 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2006-03-02 14:00:00 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2006-03-02 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2006-03-02 14:00:00 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2006-03-02 14:00:00 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2006-03-02 14:00:00 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-03-02 14:00:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2006-03-02 14:00:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2006-03-02 14:00:00 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2006-03-02 14:00:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2006-03-02 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2006-03-02 14:00:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2006-03-02 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006-03-02 14:00:00 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2006-03-02 14:00:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2006-03-02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2006-03-02 14:00:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2006-03-02 14:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-04-14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-04-14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-04-14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009-10-27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\ZDCndis5.SYS -- (ZDCndis5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\PCANDIS5.SYS -- (PCANDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Warzych\USTAWI~1\Temp\extrem.sys -- (extrem.sys)
DRV - [2010-04-14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-04-14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-04-14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-04-14 18:31:12 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-04-14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-04-14 18:30:45 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-01-29 21:17:28 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-08-26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-01-18 15:09:40 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2005-12-22 15:45:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2005-05-30 02:31:06 | 000,176,128 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2004-04-13 14:14:12 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004-02-12 04:18:46 | 000,191,092 | R--- | M] (O2 Micro ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\o2mmb.sys -- (CONAN)
DRV - [2004-01-28 17:15:00 | 000,006,100 | R--- | M] (O2 Micro) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MbxStby.sys -- (MbxStby)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1614895754-861567501-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
IE - HKU\S-1-5-21-1614895754-861567501-1801674531-1004\..\URLSearchHook: {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll File not found
IE - HKU\S-1-5-21-1614895754-861567501-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.nasza-klasa.pl/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.4
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-24 21:35:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-24 21:35:32 | 000,000,000 | ---D | M]

[2010-02-07 12:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Mozilla\Extensions
[2010-07-27 23:53:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Mozilla\Firefox\Profiles\p68is4o6.default\extensions
[2010-05-30 21:30:00 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Documents and Settings\Warzych\Dane aplikacji\Mozilla\Firefox\Profiles\p68is4o6.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010-05-09 11:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Mozilla\Firefox\Profiles\p68is4o6.default\extensions\YoutubeDownloader@PeterOlayev.com
[2010-07-27 23:53:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-11-16 17:23:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll
[2010-05-18 14:37:58 | 000,484,864 | ---- | M] (Ganymede Technologies) -- C:\Program Files\Mozilla Firefox\plugins\NPHUNTER.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll (FlashGet)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (gFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll ()
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKU\S-1-5-21-1614895754-861567501-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1614895754-861567501-1801674531-1004..\Run: [FlashGet 3] C:\Program Files\FlashGet Network\FlashGet 3\flashget3.exe (Trend Media Corporation Limited)
O4 - HKU\S-1-5-21-1614895754-861567501-1801674531-1004..\Run: [Nowe Gadu-Gadu] C:\Program Files\Nowe Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Program sieciowy dla SAGEM Wi-Fi 11g USB adapter.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE ( )
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-861567501-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\LogonInit: DllName - logonInit.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-08-02 11:49:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1e3645c8-d85d-11de-87a8-00030d3bfcde}\Shell\AutoRun\command - "" = G:\k1d.exe -- File not found
O33 - MountPoints2\{1e3645c8-d85d-11de-87a8-00030d3bfcde}\Shell\open\Command - "" = G:\k1d.exe -- File not found
O33 - MountPoints2\{1fffc35e-4967-11df-893f-0060b342dcd1}\Shell\AutoRun\command - "" = G:\fooool.exe -- File not found
O33 - MountPoints2\{1fffc35e-4967-11df-893f-0060b342dcd1}\Shell\explore\Command - "" = G:\fooool.exe -- File not found
O33 - MountPoints2\{1fffc35e-4967-11df-893f-0060b342dcd1}\Shell\open\Command - "" = G:\fooool.exe -- File not found
O33 - MountPoints2\{31232910-f45c-11de-880c-00030d3bfcde}\Shell\ArcaVirMenu\command - "" = G:\ArcaVir2009USBMenu.exe -- File not found
O33 - MountPoints2\{31232910-f45c-11de-880c-00030d3bfcde}\Shell\AutoRun\command - "" = G:\ArcaVir2009USBMenu.exe -- File not found
O33 - MountPoints2\{99603626-0055-11df-883c-00030d3bfcde}\Shell\AutoRun\command - "" = E:\kmj.exe -- File not found
O33 - MountPoints2\{99603626-0055-11df-883c-00030d3bfcde}\Shell\open\Command - "" = E:\kmj.exe -- File not found
O33 - MountPoints2\{d603b460-af13-11de-8702-00030d3bfcde}\Shell\AutoRun\command - "" = E:\t2hjo0.exe -- File not found
O33 - MountPoints2\{d603b460-af13-11de-8702-00030d3bfcde}\Shell\open\Command - "" = E:\t2hjo0.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-07-28 15:01:52 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Warzych\Pulpit\OTL.exe
[2010-07-28 10:58:52 | 000,000,000 | ---D | C] -- C:\Sierra
[2010-07-27 23:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Monolith Productions
[2010-07-26 18:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Surreal
[2010-07-26 12:55:52 | 000,000,000 | ---D | C] -- C:\OutputFolder
[2010-07-26 12:52:37 | 000,000,000 | ---D | C] -- C:\Program Files\Allok RM RMVB to AVI MPEG DVD Converter
[2010-07-22 18:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\Water Reflection v2.6
[2010-07-22 13:34:47 | 000,000,000 | ---D | C] -- C:\Team17
[2010-07-18 11:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\ipla
[2010-07-18 11:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2010-07-18 11:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\Gadu-Gadu 10
[2010-07-18 11:33:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-07-16 10:25:25 | 000,000,000 | ---D | C] -- C:\Hiszpania - Zdjęcia
[2010-07-07 18:31:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\Music
[2010-07-04 09:55:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Moje dokumenty\Alcohol 52%
[2010-07-02 13:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\Adobe Photoshop cs pl
[2010-07-01 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\Photoshop by Warzych Obrazki x]
[2010-06-30 18:11:38 | 000,000,000 | ---D | C] -- C:\Program Files\Runtime Software
[2010-06-30 17:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\PC Inspector File Recovery
[2010-06-25 20:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\Komixxy Zdj xD
[2010-06-23 12:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\WWE RAW Ultimate Impact
[2010-06-15 17:46:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\.ZMatrix
[2010-06-03 08:48:44 | 000,000,000 | ---D | C] -- C:\VB4Run
[2010-05-30 21:21:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\FlashGet
[2010-05-30 21:21:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\BITS
[2010-05-30 21:21:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO
[2010-05-30 21:21:27 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2010-05-30 21:14:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Pulpit\SCIAGNIETE WOW HALF LIFE
[2010-05-30 15:25:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Warzych\Dane aplikacji\Mp3tag
[2010-05-30 15:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2004-04-19 05:50:20 | 000,013,912 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\recagent.sys
[2004-04-19 05:42:26 | 000,635,152 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2004-04-19 05:34:36 | 000,095,760 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2004-04-19 05:33:24 | 000,230,656 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2004-04-19 05:26:08 | 001,301,488 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2004-04-19 05:15:12 | 000,180,664 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2004-04-19 05:04:48 | 000,013,312 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-07-28 15:01:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Warzych\Pulpit\OTL.exe
[2010-07-28 14:55:42 | 000,000,556 | ---- | M] () -- C:\WINDOWS\System32\secustat.dat
[2010-07-28 14:54:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-07-28 14:53:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-07-28 14:18:40 | 006,291,456 | ---- | M] () -- C:\Documents and Settings\Warzych\ntuser.dat
[2010-07-28 14:18:15 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Warzych\ntuser.ini
[2010-07-28 14:18:03 | 002,641,068 | -H-- | M] () -- C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2010-07-28 11:24:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-07-27 22:37:27 | 2601,059,643 | ---- | M] () -- C:\Sierra.rar
[2010-07-27 22:37:27 | 2601,059,643 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Sierra.rar
[2010-07-27 16:37:17 | 000,002,649 | ---- | M] () -- C:\WINDOWS\System32\secushr.dat
[2010-07-27 13:33:05 | 000,122,368 | ---- | M] () -- C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-07-26 12:52:45 | 000,001,974 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\Allok RM RMVB to AVI MPEG DVD Converter.lnk
[2010-07-22 23:03:07 | 000,000,083 | ---- | M] () -- C:\WINDOWS\wwp.INI
[2010-07-22 18:21:09 | 001,142,065 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\Water Reflection v2.6.rar
[2010-07-22 17:38:43 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-07-22 13:34:47 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Worms World Party.lnk
[2010-07-21 22:30:30 | 000,105,838 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\JA I AGATKA PRAGA.JPG
[2010-07-20 14:48:52 | 000,000,640 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-07-20 14:48:52 | 000,000,239 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-07-20 14:48:52 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010-07-18 11:58:16 | 000,000,004 | ---- | M] () -- C:\WINDOWS\System32\proc-1963933865.bin
[2010-07-18 11:58:05 | 000,360,368 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\HUNTER_2_0_0_31.exe
[2010-07-18 11:49:50 | 000,000,688 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2010-07-17 19:41:16 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[2010-07-16 15:07:19 | 000,086,130 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\P100710_14.36.jpg
[2010-07-07 18:43:15 | 000,006,317 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\Audio1.nra
[2010-07-01 19:38:02 | 000,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini
[2010-06-27 13:45:04 | 001,019,962 | ---- | M] () -- C:\Documents and Settings\Warzych\Moje dokumenty\Zdjęcie0257.jpg
[2010-06-23 17:23:22 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\Skrót do WWE Raw - Ultimate Impact.lnk
[2010-06-22 09:56:41 | 000,018,744 | ---- | M] () -- C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT
[2010-06-15 20:21:26 | 000,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-13 17:40:43 | 001,636,728 | ---- | M] () -- C:\Documents and Settings\Warzych\Moje dokumenty\my.JPG
[2010-06-06 21:32:27 | 002,989,694 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\skillet - hero.mp3
[2010-06-02 18:11:50 | 000,232,835 | ---- | M] () -- C:\Documents and Settings\Warzych\Moje dokumenty\CWK.jpg
[2010-05-30 21:21:48 | 000,000,025 | ---- | M] () -- C:\WINDOWS\libem.INI
[2010-05-30 21:21:40 | 000,000,866 | ---- | M] () -- C:\Documents and Settings\Warzych\Pulpit\FlashGet 3.5.lnk
[2010-05-30 15:25:32 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Mp3tag.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-07-28 09:57:58 | 2601,059,643 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Sierra.rar
[2010-07-27 23:26:04 | 2601,059,643 | ---- | C] () -- C:\Sierra.rar
[2010-07-26 12:52:45 | 000,001,974 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\Allok RM RMVB to AVI MPEG DVD Converter.lnk
[2010-07-22 23:03:07 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2010-07-22 18:20:57 | 001,142,065 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\Water Reflection v2.6.rar
[2010-07-22 13:34:47 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Worms World Party.lnk
[2010-07-21 22:30:30 | 000,105,838 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\JA I AGATKA PRAGA.JPG
[2010-07-18 11:58:16 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\proc-1963933865.bin
[2010-07-18 11:58:02 | 000,360,368 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\HUNTER_2_0_0_31.exe
[2010-07-18 11:49:50 | 000,000,688 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nowe Gadu-Gadu.lnk
[2010-07-16 15:03:51 | 000,086,130 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\P100710_14.36.jpg
[2010-07-07 18:43:15 | 000,006,317 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\Audio1.nra
[2010-06-30 17:33:18 | 000,006,200 | ---- | C] () -- C:\WINDOWS\System32\INT13EXT.VXD
[2010-06-27 13:44:19 | 001,019,962 | ---- | C] () -- C:\Documents and Settings\Warzych\Moje dokumenty\Zdjęcie0257.jpg
[2010-06-23 17:23:22 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\Skrót do WWE Raw - Ultimate Impact.lnk
[2010-06-13 17:39:38 | 001,636,728 | ---- | C] () -- C:\Documents and Settings\Warzych\Moje dokumenty\my.JPG
[2010-06-06 21:32:27 | 002,989,694 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\skillet - hero.mp3
[2010-06-02 18:11:50 | 000,232,835 | ---- | C] () -- C:\Documents and Settings\Warzych\Moje dokumenty\CWK.jpg
[2010-06-02 16:02:31 | 000,000,556 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-05-30 21:22:18 | 000,002,649 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2010-05-30 21:21:48 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2010-05-30 21:21:40 | 000,000,866 | ---- | C] () -- C:\Documents and Settings\Warzych\Pulpit\FlashGet 3.5.lnk
[2010-05-30 15:25:32 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Mp3tag.lnk
[2010-04-27 16:34:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROSet.INI
[2010-04-18 14:51:12 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010-04-18 14:51:12 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010-04-18 14:51:11 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010-04-17 12:42:09 | 000,000,173 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010-02-06 16:50:26 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\WLANUTL.dll
[2010-02-03 17:46:27 | 000,094,208 | RHS- | C] () -- C:\bveijo.exe
[2010-01-29 21:17:27 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-11-05 20:02:04 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2009-11-05 20:02:04 | 000,002,394 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009-09-12 14:27:48 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-27 20:40:04 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2009-08-16 11:38:00 | 000,001,604 | ---- | C] () -- C:\WINDOWS\ghost_config.ini
[2009-08-09 11:38:18 | 000,002,181 | ---- | C] () -- C:\WINDOWS\Helicon Debug Window.ini
[2009-08-08 18:25:07 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009-08-08 18:25:06 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009-08-08 18:25:04 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009-08-08 18:25:03 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009-08-08 18:25:02 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009-08-08 18:25:01 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009-08-08 18:25:00 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009-08-02 12:13:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll
[2006-03-02 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006-03-02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004-04-19 08:44:48 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2004-04-19 08:11:06 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\slgen.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-04-24 13:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software
[2010-02-05 18:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2010-07-18 11:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2010-04-11 14:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations
[2010-07-18 11:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2009-11-05 20:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX
[2009-08-28 11:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
[2010-04-01 13:32:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SpeedBit
[2010-04-01 13:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2010-06-15 17:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\.ZMatrix
[2009-08-28 22:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\AgerWebEdytor
[2010-07-17 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\BESTplayer
[2010-07-28 14:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\BITS
[2010-02-07 02:02:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\ChomikBox
[2010-02-05 18:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\DAEMON Tools
[2010-02-05 18:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\DAEMON Tools Lite
[2010-02-05 18:51:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\DAEMON Tools Pro
[2009-08-18 21:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Desktopicon
[2010-05-30 21:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\FlashGet
[2010-05-30 21:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\FlashGetBHO
[2010-07-18 11:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Gadu-Gadu 10
[2010-07-23 22:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\GanymedeNet
[2009-08-18 10:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\GrabIt
[2010-05-23 22:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Hardcore
[2009-08-27 20:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\InterTrust
[2010-07-18 11:42:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\ipla
[2010-05-30 15:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Mp3tag
[2009-08-08 21:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Nokia
[2010-07-21 14:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Nowe Gadu-Gadu
[2010-07-16 08:54:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\OpenOfficePLHome2007
[2009-08-24 13:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Opera
[2009-09-13 20:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\PC Suite
[2010-02-06 14:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Warzych\Dane aplikacji\Thunderbird

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 400 bytes -> C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\desktop.ini:bf5af20ce7a419b1178ece347eddc338
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0
< End of report >
[/log]

Tomek01
comment

Use [b][color=#0000CD][url=http://download.bleepingcomputer.com//sUBs/Flash_Disinfector.exe]Flash Disinfector[/url][/color][/b], preferably with your flash drive and any other USB storage devices plugged in.


In OTL, paste the following into the Custom scan/fixes window:
[code]:Processes
Explorer.exe

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Warzych\USTAWI~1\Temp\extrem.sys -- (extrem.sys)
IE - HKU\S-1-5-21-1614895754-861567501-1801674531-1004\..\URLSearchHook: {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll File not found
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O33 - MountPoints2\{1e3645c8-d85d-11de-87a8-00030d3bfcde}\Shell\AutoRun\command - "" = G:\k1d.exe -- File not found
O33 - MountPoints2\{1e3645c8-d85d-11de-87a8-00030d3bfcde}\Shell\open\Command - "" = G:\k1d.exe -- File not found
O33 - MountPoints2\{1fffc35e-4967-11df-893f-0060b342dcd1}\Shell\AutoRun\command - "" = G:\fooool.exe -- File not found
O33 - MountPoints2\{1fffc35e-4967-11df-893f-0060b342dcd1}\Shell\explore\Command - "" = G:\fooool.exe -- File not found
O33 - MountPoints2\{1fffc35e-4967-11df-893f-0060b342dcd1}\Shell\open\Command - "" = G:\fooool.exe -- File not found
O33 - MountPoints2\{31232910-f45c-11de-880c-00030d3bfcde}\Shell\ArcaVirMenu\command - "" = G:\ArcaVir2009USBMenu.exe -- File not found
O33 - MountPoints2\{31232910-f45c-11de-880c-00030d3bfcde}\Shell\AutoRun\command - "" = G:\ArcaVir2009USBMenu.exe -- File not found
O33 - MountPoints2\{99603626-0055-11df-883c-00030d3bfcde}\Shell\AutoRun\command - "" = E:\kmj.exe -- File not found
O33 - MountPoints2\{99603626-0055-11df-883c-00030d3bfcde}\Shell\open\Command - "" = E:\kmj.exe -- File not found
O33 - MountPoints2\{d603b460-af13-11de-8702-00030d3bfcde}\Shell\AutoRun\command - "" = E:\t2hjo0.exe -- File not found
O33 - MountPoints2\{d603b460-af13-11de-8702-00030d3bfcde}\Shell\open\Command - "" = E:\t2hjo0.exe -- File not found
@Alternate Data Stream - 400 bytes -> C:\Documents and Settings\Warzych\Ustawienia lokalne\Dane aplikacji\desktop.ini:bf5af20ce7a419b1178ece347eddc338
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:A9662AE0


:Files
C:\WINDOWS\System32\secustat.dat
C:\WINDOWS\System32\secushr.dat
C:\bveijo.exe

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Click Run Fix; the computer will restart.


Post the OTL log from the removal, plus new OTL and RSIT logs.
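A triage sketch for the two OTL line formats that appear in this thread, added here as an example; it is not part of either post or of OTL itself. The two heuristics (an .exe in a drive root carrying both Hidden and System attributes, and a MountPoints2 autorun command cached for a volume) are this example's assumptions about what deserves review, not the responder's stated criteria. The sample lines are copied from the log and fix script above.

```python
import re
from pathlib import PureWindowsPath

# Sample lines copied from the OTL log and fix script in this thread.
SAMPLE = r"""
[2010-06-02 16:02:31 | 000,000,556 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2010-02-03 17:46:27 | 000,094,208 | RHS- | C] () -- C:\bveijo.exe
[2010-01-29 21:17:27 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
O33 - MountPoints2\{1e3645c8-d85d-11de-87a8-00030d3bfcde}\Shell\AutoRun\command - "" = G:\k1d.exe -- File not found
O33 - MountPoints2\{1e3645c8-d85d-11de-87a8-00030d3bfcde}\Shell\open\Command - "" = G:\k1d.exe -- File not found
O33 - MountPoints2\{99603626-0055-11df-883c-00030d3bfcde}\Shell\AutoRun\command - "" = E:\kmj.exe -- File not found
"""

# [timestamp | size | attributes | C or M] (company) -- path
FILE_RE = re.compile(
    r"^\[(?P<ts>[\d-]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attr>[RHSD-]{4})"
    r" \| [CM]\] (?:\(.*?\) )?-- (?P<path>.+)$")
# O33 - MountPoints2\{volume GUID}\Shell\<verb>\command - "" = <target>
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<vol>\{[0-9a-f-]+\})\\Shell\\(?P<verb>[^\\]+)'
    r'\\command - "" = (?P<target>.+?)(?P<missing> -- File not found)?$',
    re.IGNORECASE)

def hidden_system_root_exes(text):
    """Assumed heuristic: .exe directly in a drive root with both H and S set."""
    hits = []
    for line in text.splitlines():
        m = FILE_RE.match(line.strip())
        if not m:
            continue
        p = PureWindowsPath(m["path"])
        in_root = p.parent == PureWindowsPath(p.anchor)
        if {"H", "S"} <= set(m["attr"]) and p.suffix.lower() == ".exe" and in_root:
            hits.append(str(p))
    return hits

def autorun_handlers(text):
    """Group cached autorun shell verbs by volume GUID for review."""
    vols = {}
    for line in text.splitlines():
        m = O33_RE.match(line.strip())
        if m:
            entry = vols.setdefault(m["vol"], {
                "target": m["target"], "verbs": [], "missing": bool(m["missing"])})
            entry["verbs"].append(m["verb"])
    return vols

if __name__ == "__main__":
    print("Hidden+System executables in a drive root:", hidden_system_root_exes(SAMPLE))
    for vol, e in autorun_handlers(SAMPLE).items():
        print(vol, e["target"], e["verbs"], "missing" if e["missing"] else "present")
```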
