Zamulający komp, problem z gameguardem w grze... przez wirus

**Posty:** 125 · przez **szczoti** 18 Sty 2010, 21:27

Proszę o sprawdzenie loga, już musiałem wstawić na forum ponieważ nie mogłem sobie z tym wszystkim poradzić z pewnościa bedzie tego strasznie duzo ale trzeba to jakos naprawic, prosze o sprawdzenie log jak najszybciej. Wiem, że wirus znajduje sie w temp1... oraz sypie mi sie czesto temp2 mysle ze to jest zrodlo klopotu lecz nie moge sobie z tym poradzic.

Z gory dziekuje!

Kod: Zaznacz wszystko: OTL logfile created on: 2010-01-18 20:24:22 - Run 2 OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Mój komputer\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free 5,00 Gb Paging File | 5,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 15,81 Gb Free Space | 16,19% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 42,18 Gb Free Space | 22,92% Space Free | Partition Type: NTFS Drive E: | 184,05 Gb Total Space | 21,90 Gb Free Space | 11,90% Space Free | Partition Type: NTFS Drive F: | 440,28 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CZORNY Current User Name: Mój komputer Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-01-18 20:23:41 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mój komputer\Moje dokumenty\Pobieranie\OTL.exe PRC - [2010-01-14 21:01:47 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-12-21 14:49:02 | 11,850,344 | ---- | M] (GG Network S.A.) -- D:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2009-12-21 13:31:34 | 00,098,304 | ---- | M] () -- D:\Program Files\Gadu-Gadu 10\spellchecker_gg.exe PRC - [2009-11-25 04:09:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe PRC - [2009-09-20 20:52:40 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe PRC - [2009-03-01 08:40:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe PRC - [2009-01-18 22:34:48 | 00,506,712 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009-01-18 22:34:37 | 00,921,936 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe PRC - [2009-01-03 18:54:43 | 02,745,776 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IDMan.exe PRC - [2008-11-19 09:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008-02-18 14:01:01 | 00,251,312 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2007-06-05 13:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- c:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2004-12-13 03:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2004-08-03 23:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe PRC - [2004-08-03 23:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2001-10-26 18:30:04 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-01-18 20:23:41 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mój komputer\Moje dokumenty\Pobieranie\OTL.exe MOD - [2010-01-18 19:54:46 | 00,025,600 | ---- | M] () -- C:\WINDOWS\system32\wcdrtc32.dll MOD - [2008-12-16 17:06:08 | 00,034,224 | ---- | M] (Tonec Inc.) -- D:\Program Files\Internet Download Manager\idmmkb.dll MOD - [2006-08-25 07:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006-05-03 21:53:54 | 00,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll MOD - [2004-10-15 21:54:43 | 00,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (Prime95 Service) SRV - [2009-11-25 04:09:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller) SRV - [2009-09-20 20:52:40 | 00,075,064 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA) SRV - [2009-08-13 20:05:00 | 00,593,920 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart) SRV - [2009-03-29 23:09:00 | 02,735,133 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-03-01 08:40:59 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2009-01-18 22:34:37 | 00,921,936 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2008-11-19 09:47:24 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008-11-04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008-10-25 11:44:08 | 00,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2007-06-05 13:20:32 | 00,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2007-05-28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- c:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2007-03-12 12:49:46 | 00,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2007-01-15 16:14:38 | 00,794,624 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2006-10-26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2006-10-13 13:41:11 | 00,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation) SRV - [2005-04-03 23:41:10 | 00,090,112 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004-12-13 03:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2000-08-06 01:50:20 | 07,462,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe -- (MSSQLSERVER) SRV - [2000-08-06 01:50:18 | 00,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.exe -- (SQLSERVERAGENT) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-12-26 10:56:52 | 00,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009-12-26 10:56:52 | 00,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009-11-25 04:50:16 | 04,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009-11-23 20:52:14 | 00,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009-11-17 12:32:10 | 00,023,512 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1) DRV - [2009-11-15 13:12:42 | 00,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-05-08 13:51:24 | 00,037,664 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd) DRV - [2009-04-23 10:15:06 | 00,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-01-19 19:31:56 | 00,277,544 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11) DRV - [2009-01-17 12:19:31 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv) DRV - [2008-06-25 17:47:00 | 00,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e) DRV - [2008-06-13 10:11:16 | 04,754,944 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-05-21 00:53:36 | 00,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2007-12-17 10:14:06 | 00,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2007-08-20 09:05:02 | 00,027,672 | R--- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Entech.sys -- (ENTECH) DRV - [2007-05-02 10:12:36 | 00,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007-05-02 10:12:36 | 00,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007-05-02 10:12:34 | 00,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2006-10-18 10:38:38 | 00,009,728 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cxavxbar.sys -- (CXAVXBAR) DRV - [2006-10-18 10:37:56 | 00,050,816 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cx88tune.sys -- (CXTUNE) DRV - [2006-10-18 10:37:26 | 00,162,944 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cx88vid.sys -- (CX23880) DRV - [2006-10-13 11:23:15 | 00,163,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR) DRV - [2006-07-24 15:05:00 | 00,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005-07-07 09:14:30 | 01,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2005-01-10 11:15:30 | 00,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-01-10 11:15:24 | 00,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2005-01-07 16:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus) DRV - [2004-08-13 03:56:20 | 00,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-08-03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2004-08-03 22:03:36 | 00,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2001-08-17 22:54:18 | 00,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 22:54:18 | 00,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-17 22:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2247187 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "LiveTV_ Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2075379&SearchSource=3&q=" FF - prefs.js..browser.startup.homepage: "http://www.pajacyk.pl/" FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:5.11 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2075379&SearchSource=2&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-14 21:01:59 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-16 20:30:23 | 00,000,000 | ---D | M] [2008-12-09 09:18:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Extensions [2010-01-17 20:51:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\extensions [2010-01-12 07:31:36 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2008-12-05 18:15:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\extensions\aidmakertoolbar@aidmaker.com [2010-01-12 07:31:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\extensions\DTToolbar@toolbarnet.com [2009-06-06 12:29:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\extensions\SolidStateION@solidstatenetworks.com [2008-12-22 14:19:52 | 00,000,876 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\searchplugins\conduit.xml [2009-11-15 13:12:44 | 00,002,059 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mozilla\Firefox\Profiles\g7uiga9p.default\searchplugins\daemon-search.xml [2010-01-18 20:00:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2008-11-11 08:38:54 | 00,663,552 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll [2009-05-15 15:29:08 | 00,192,512 | ---- | M] (WEBZEN Co.,Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\NPGameWebStarter.dll [2009-02-03 16:33:20 | 00,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2008-10-23 15:59:28 | 00,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll [2010-01-14 21:01:54 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-14 21:01:54 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-14 21:01:54 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-14 21:01:54 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-14 21:01:54 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-14 21:01:54 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-16 10:22:51 | 00,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Mój komputer\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE (Microsoft Corporation) O4 - HKCU..\Run: [AlcoholAutomount] c:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [PlayNC Launcher] File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation) F3 - HKCU WinNT: Load - (C:\WINDOWS\svchost.exe) - C:\WINDOWS\svchost.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Ściągnij przez IDM - D:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - D:\Program Files\Internet Download Manager\IEGetVL.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1222236355343 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-09-23 16:03:21 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-05-09 19:36:18 | 00,000,034 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2006-05-09 19:36:18 | 00,000,034 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2006-05-09 19:36:18 | 00,000,034 | RHS- | M] () - E:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{5b017e0a-4148-11de-92af-002215a17e96}\Shell - "" = AutoRun O33 - MountPoints2\{a2ca26d0-898f-11dd-879d-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{a2ca26d1-898f-11dd-879d-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{a2ca26d3-898f-11dd-879d-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{f317e404-a5f9-11de-ac82-002215a17e96}\Shell - "" = AutoRun O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] File not found -- C:\Documents and Settings\Mój komputer\Moje dokumenty\M%f3j%20komputer. [2010-01-18 19:51:12 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{83C91755-2546-441D-AC40-9A6B4B860800} [2010-01-18 19:49:30 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2010-01-16 19:34:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\My Battle for Middle-earth(tm) II Files [2010-01-16 19:30:19 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\EasyInfo [2010-01-16 19:24:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Moje dokumenty\EasyInfo [2010-01-16 19:10:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Moje pliki Bitwy o Śródziemie™ II [2010-01-16 14:13:48 | 00,000,000 | ---D | C] -- C:\Program Files\Handball Simulator 2010 [2010-01-16 14:11:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Z-Software [2010-01-16 14:11:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Z-Software [2010-01-16 11:41:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Moje dokumenty\My Games [2010-01-16 06:13:20 | 00,032,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msonpmon.dll [2010-01-16 06:12:47 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010-01-16 06:12:20 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2010-01-16 06:11:38 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010-01-16 06:10:03 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2010-01-16 06:08:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2010-01-16 06:08:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\Microsoft Help [2010-01-16 06:08:26 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010-01-16 06:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help [2010-01-16 06:07:57 | 00,000,000 | RH-D | C] -- C:\MSOCache [2010-01-15 17:34:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Moje dokumenty\Pobieranie [2010-01-14 19:44:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\OFFICE [2010-01-14 07:39:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Moje dokumenty\Moje Gry [2010-01-14 07:24:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\TheSaboteurPatch [2010-01-12 20:29:31 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2010-01-12 20:29:31 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2010-01-12 20:29:31 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2010-01-12 20:29:30 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2010-01-12 20:29:30 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2010-01-12 20:29:30 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2010-01-12 20:29:29 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2010-01-12 13:34:30 | 00,000,000 | ---D | C] -- C:\data [2010-01-12 12:46:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\AA3DeployClient [2010-01-12 12:46:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AA3DeployClient [2010-01-12 12:45:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\Deployment [2010-01-12 06:51:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Moje dokumenty\gothic3 [2010-01-10 21:23:50 | 05,814,552 | ---- | C] (http://moorhunt.pl ) -- C:\Documents and Settings\Mój komputer\Pulpit\MoorHunt.exe [2010-01-09 13:19:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\playtv-on(4) [2010-01-05 20:44:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Entropia Universe [2010-01-04 22:13:16 | 00,000,000 | ---D | C] -- C:\Program Files\Entropia Universe [2010-01-04 22:11:47 | 04,100,704 | ---- | C] (MindArk PE AB) -- C:\Documents and Settings\Mój komputer\Pulpit\entropia_universe_setup.exe [2010-01-03 14:56:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\Indios_Bravos-On_Stage-PL-2009-BiL [2010-01-03 12:26:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Tibia [2010-01-03 12:26:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\Christmas_Edition [2010-01-01 16:27:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\alicetea__muzyka_moja_bron_pl_2008 [2009-12-30 13:08:35 | 00,000,000 | ---D | C] -- C:\Program Files\ffdshow [2009-12-29 18:02:50 | 00,000,000 | ---D | C] -- C:\Program Files\ATI [2009-12-29 17:57:59 | 28,474,620 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\Mój komputer\Pulpit\9-12_xp32_dd.exe [2009-12-28 11:57:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\CallofDuty2Patchv1_3(2) [2009-12-26 20:10:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Moje dokumenty\Mount&Blade Savegames [2009-12-26 20:08:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Mount&Blade [2009-12-25 14:52:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Pulpit\Skill%20Factor%202.2 [2009-12-25 14:07:02 | 04,274,696 | ---- | C] (Adobe Systems Inc.) -- C:\Documents and Settings\Mój komputer\Pulpit\Shockwave_Installer_Slim.exe [2009-12-23 23:50:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Mój komputer\Dane aplikacji\Gadu-Gadu 10 [2009-02-03 16:02:05 | 00,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll [2008-11-29 19:59:31 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft [2008-09-23 16:05:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-09-23 16:05:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft [2008-09-23 16:03:19 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] File not found -- C:\Documents and Settings\Mój komputer\Moje dokumenty\M%f3j%20komputer. [2010-01-18 20:22:44 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\HijackThis.lnk [2010-01-18 20:14:16 | 00,017,876 | -H-- | M] () -- C:\WINDOWS\System32\wcdrtc32.dl_ [2010-01-18 20:12:32 | 14,680,064 | -H-- | M] () -- C:\Documents and Settings\Mój komputer\NTUSER.DAT [2010-01-18 20:01:52 | 00,000,582 | ---- | M] () -- C:\WINDOWS\win.ini [2010-01-18 20:01:52 | 00,000,282 | ---- | M] () -- C:\WINDOWS\system.ini [2010-01-18 20:01:52 | 00,000,281 | RHS- | M] () -- C:\boot.ini [2010-01-18 19:59:12 | 00,733,626 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-01-18 19:59:12 | 00,467,454 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-01-18 19:59:12 | 00,185,526 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-01-18 19:59:12 | 00,072,020 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-01-18 19:57:24 | 00,000,070 | -H-- | M] () -- C:\aaw7boot.cmd [2010-01-18 19:54:48 | 00,002,085 | ---- | M] () -- C:\WINDOWS\System32\temp2.exe [2010-01-18 19:54:46 | 00,025,600 | ---- | M] () -- C:\WINDOWS\System32\wcdrtc32.dll [2010-01-18 19:54:38 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-01-18 19:54:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-01-18 19:53:19 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Mój komputer\ntuser.ini [2010-01-18 19:51:27 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-01-18 19:51:10 | 00,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2010-01-17 14:44:05 | 00,012,162 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Urbanizacja powstawanie i rozwój miast.docx [2010-01-16 20:50:05 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\PFConfig.lnk [2010-01-16 19:45:30 | 00,000,906 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Bitwa o Śródziemie™ II.lnk [2010-01-16 14:14:11 | 00,000,862 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Handball-Simulator European Tournament 2010 spielen.lnk [2010-01-16 11:37:46 | 00,000,724 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Symulator-Farmy 2009.lnk [2010-01-16 10:20:00 | 00,160,188 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\rapidshare.JPG [2010-01-16 08:47:50 | 00,298,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-01-16 06:47:45 | 00,075,776 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-01-15 17:36:23 | 00,007,518 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\potwierdzenie-1.pdf [2010-01-15 14:50:58 | 00,858,961 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\105923.pdf [2010-01-15 10:18:38 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-01-14 21:38:15 | 00,976,352 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\S5001339.JPG [2010-01-14 21:36:40 | 01,016,231 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\S5001337.JPG [2010-01-14 21:32:37 | 00,963,855 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\S5001333.JPG [2010-01-14 07:37:43 | 00,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\The Saboteur™.lnk [2010-01-14 07:24:03 | 14,492,118 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\TheSaboteurPatch.zip [2010-01-12 17:24:10 | 00,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010-01-12 17:24:01 | 00,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010-01-12 17:24:01 | 00,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010-01-12 06:51:00 | 00,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gothic III.lnk [2010-01-10 21:24:53 | 00,000,524 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\MoorHunt.lnk [2010-01-10 21:24:12 | 05,814,552 | ---- | M] (http://moorhunt.pl ) -- C:\Documents and Settings\Mój komputer\Pulpit\MoorHunt.exe [2010-01-05 09:49:34 | 00,029,548 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\lion_of_judah_9.jpg [2010-01-04 22:12:46 | 04,100,704 | ---- | M] (MindArk PE AB) -- C:\Documents and Settings\Mój komputer\Pulpit\entropia_universe_setup.exe [2010-01-04 14:15:24 | 00,745,472 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\gameraving_installer.exe [2010-01-03 20:19:32 | 03,730,317 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Moje dokumenty\ryzy- jogobella vers.2.mp3.mp3 [2010-01-03 18:23:47 | 00,458,030 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\playtv-on.zip [2010-01-03 14:56:30 | 98,602,476 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Indios_Bravos-On_Stage-PL-2009-BiL.rar [2010-01-03 12:21:59 | 19,433,095 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Christmas_Edition.rar [2009-12-29 17:59:51 | 28,474,620 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\Mój komputer\Pulpit\9-12_xp32_dd.exe [2009-12-29 17:27:38 | 73,769,099 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\alicetea__muzyka_moja_bron_pl_2008.rar [2009-12-29 12:21:26 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009-12-28 11:57:03 | 00,000,635 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Wielu graczy.lnk [2009-12-28 11:57:03 | 00,000,635 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Jeden gracz.lnk [2009-12-28 11:57:01 | 00,000,280 | ---- | M] () -- C:\WINDOWS\game.ini [2009-12-28 11:55:55 | 39,195,984 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\CallofDuty2Patchv1_3(2).zip [2009-12-27 07:47:07 | 00,000,915 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Europa Universalis III.lnk [2009-12-26 20:07:23 | 00,000,600 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Mount&Blade.lnk [2009-12-26 10:56:52 | 00,279,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009-12-26 10:56:52 | 00,025,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009-12-26 10:55:45 | 00,000,699 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Age of Pirates 2.lnk [2009-12-25 14:52:18 | 00,244,206 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Skill%20Factor%202.2.zip [2009-12-25 14:48:06 | 00,244,206 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\Skill Factor 2.2.zip [2009-12-25 14:24:04 | 01,021,552 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\PLU_v09.exe [2009-12-25 14:07:18 | 04,274,696 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Mój komputer\Pulpit\Shockwave_Installer_Slim.exe [2009-12-23 23:53:03 | 00,000,591 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2009-12-23 23:53:03 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2009-12-23 23:49:10 | 22,615,608 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\gg10.exe [2009-12-22 20:16:11 | 00,083,456 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-12-22 14:08:42 | 00,000,063 | ---- | M] () -- C:\Documents and Settings\Mój komputer\Pulpit\listen.pls [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-01-18 20:22:44 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\HijackThis.lnk [2010-01-18 19:57:23 | 00,000,070 | -H-- | C] () -- C:\aaw7boot.cmd [2010-01-18 19:52:55 | 00,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe [2010-01-18 19:51:10 | 00,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ad-Aware.lnk [2010-01-16 20:50:05 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\PFConfig.lnk [2010-01-16 19:45:30 | 00,000,906 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Bitwa o Śródziemie™ II.lnk [2010-01-16 14:11:47 | 00,000,862 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Handball-Simulator European Tournament 2010 spielen.lnk [2010-01-16 11:37:46 | 00,000,724 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Symulator-Farmy 2009.lnk [2010-01-16 10:19:18 | 00,160,188 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\rapidshare.JPG [2010-01-16 06:36:14 | 00,012,162 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Urbanizacja powstawanie i rozwój miast.docx [2010-01-15 17:36:23 | 00,007,518 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\potwierdzenie-1.pdf [2010-01-15 14:50:41 | 00,858,961 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\105923.pdf [2010-01-14 21:36:21 | 00,976,352 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\S5001339.JPG [2010-01-14 21:33:25 | 01,016,231 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\S5001337.JPG [2010-01-14 21:30:27 | 00,963,855 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\S5001333.JPG [2010-01-14 07:37:43 | 00,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\The Saboteur™.lnk [2010-01-14 07:23:04 | 14,492,118 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\TheSaboteurPatch.zip [2010-01-12 23:18:15 | 00,073,008 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-01-12 13:34:30 | 00,968,704 | ---- | C] () -- C:\demoTV5.exe [2010-01-12 06:51:00 | 00,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gothic III.lnk [2010-01-10 21:24:53 | 00,000,524 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\MoorHunt.lnk [2010-01-05 09:49:33 | 00,029,548 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\lion_of_judah_9.jpg [2010-01-04 14:15:19 | 00,745,472 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\gameraving_installer.exe [2010-01-03 20:18:20 | 03,730,317 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Moje dokumenty\ryzy- jogobella vers.2.mp3.mp3 [2010-01-03 18:23:45 | 00,458,030 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\playtv-on.zip [2010-01-03 14:48:27 | 98,602,476 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Indios_Bravos-On_Stage-PL-2009-BiL.rar [2010-01-03 12:19:58 | 19,433,095 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Christmas_Edition.rar [2009-12-29 17:18:13 | 73,769,099 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\alicetea__muzyka_moja_bron_pl_2008.rar [2009-12-28 11:57:03 | 00,000,635 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Wielu graczy.lnk [2009-12-28 11:57:03 | 00,000,635 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Call of Duty(R) 2 Jeden gracz.lnk [2009-12-28 11:57:01 | 00,000,280 | ---- | C] () -- C:\WINDOWS\game.ini [2009-12-28 11:53:08 | 39,195,984 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\CallofDuty2Patchv1_3(2).zip [2009-12-27 07:47:07 | 00,000,915 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Europa Universalis III.lnk [2009-12-26 20:07:23 | 00,000,600 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Mount&Blade.lnk [2009-12-26 10:55:45 | 00,000,699 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Age of Pirates 2.lnk [2009-12-25 14:52:16 | 00,244,206 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Skill%20Factor%202.2.zip [2009-12-25 14:48:05 | 00,244,206 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\Skill Factor 2.2.zip [2009-12-25 14:23:59 | 01,021,552 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\PLU_v09.exe [2009-12-23 23:53:03 | 00,000,591 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk [2009-12-23 23:53:03 | 00,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk [2009-12-23 23:47:41 | 22,615,608 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\gg10.exe [2009-12-22 14:08:41 | 00,000,063 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Pulpit\listen.pls [2009-11-26 19:38:42 | 00,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-10-31 20:49:15 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-10-18 08:43:34 | 00,000,016 | ---- | C] () -- C:\WINDOWS\InstallLog.ini [2009-09-20 20:04:00 | 00,025,600 | ---- | C] () -- C:\WINDOWS\System32\wcdrtc32.dll [2009-09-13 15:36:13 | 00,072,192 | ---- | C] () -- C:\WINDOWS\System32\amvo0.dll [2009-06-19 19:06:22 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009-06-19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009-06-19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009-06-19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009-06-19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009-06-19 19:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009-06-15 17:05:16 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Dane aplikacji\wiaserva.log [2009-06-15 17:05:15 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Dane aplikacji\wiaservg.log [2009-06-06 12:59:08 | 00,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI [2009-06-03 14:30:33 | 00,105,984 | ---- | C] () -- C:\WINDOWS\System32\c_dll.dll [2009-06-03 12:32:55 | 00,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys [2009-06-02 12:37:07 | 00,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-06-01 14:05:26 | 00,001,248 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI [2009-05-31 10:46:37 | 00,000,485 | ---- | C] () -- C:\WINDOWS\FOE2.ini [2009-05-08 13:50:50 | 00,000,022 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\8f01a90e-7eb3-48d3-93b1-50d88fd146fb [2009-03-02 10:33:32 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-02-09 16:48:36 | 00,051,712 | ---- | C] () -- C:\WINDOWS\System32\mswocx.dll [2009-02-08 17:09:43 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Dane aplikacji\MPQEditor.ini [2009-02-08 15:43:52 | 00,000,715 | ---- | C] () -- C:\WINDOWS\WinInit.Ini [2009-02-03 20:42:12 | 00,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini [2009-02-03 16:02:05 | 00,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll [2009-02-03 16:02:03 | 00,064,512 | R--- | C] () -- C:\WINDOWS\System32\P17.dll [2009-01-27 14:22:26 | 00,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2009-01-27 14:22:26 | 00,000,008 | RHS- | C] () -- C:\WINDOWS\System32\06528ACC16.sys [2009-01-24 16:47:47 | 00,000,366 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2009-01-24 16:47:20 | 00,000,491 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2008-12-26 11:38:29 | 00,000,042 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2008-12-05 18:15:03 | 00,001,376 | ---- | C] () -- C:\WINDOWS\System32\zipfapy.dll [2008-12-05 18:13:24 | 00,000,022 | ---- | C] () -- C:\WINDOWS\System32\dciman13.sys [2008-12-05 17:42:49 | 00,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll [2008-11-24 19:55:39 | 00,120,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2008-11-24 12:43:08 | 00,000,004 | ---- | C] () -- C:\WINDOWS\info147.sys [2008-11-09 17:21:58 | 00,000,032 | ---- | C] () -- C:\WINDOWS\ZSAM.INI [2008-10-28 17:40:48 | 00,173,552 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008-10-23 11:34:27 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-10-21 16:33:26 | 00,022,328 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Dane aplikacji\PnkBstrK.sys [2008-10-17 14:00:15 | 01,867,776 | ---- | C] () -- C:\WINDOWS\python24.dll [2008-10-11 14:26:32 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-10-11 14:26:01 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008-09-26 14:38:14 | 00,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008-09-26 14:38:14 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008-09-25 14:09:22 | 00,083,456 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-09-24 22:33:32 | 00,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008-09-24 19:34:37 | 00,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008-09-24 07:22:23 | 00,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2008-09-24 07:15:10 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-09-24 07:15:09 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2008-09-24 07:15:08 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-09-24 07:15:08 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-09-24 07:15:08 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-09-24 07:15:08 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-09-23 17:02:38 | 00,000,137 | ---- | C] () -- C:\Documents and Settings\Mój komputer\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2008-09-23 16:15:21 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008-09-23 16:15:21 | 00,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008-09-23 16:15:19 | 00,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008-09-23 16:15:19 | 00,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008-09-23 16:07:53 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008-09-23 16:07:41 | 00,032,363 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008-09-23 16:07:40 | 00,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005-07-07 10:26:56 | 00,005,627 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2005-03-08 07:17:08 | 00,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 507 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 205 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:436DEE1E @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:E41EAF13 @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:4EE74317 < End of report >

**Posty:** 18165 · przez **wojtas** 18 Sty 2010, 22:27

niestety Win32:Sality .. infekcja czestko konczy sie formatem wszystkich dysków ale powalczmy :

poczytaj temat od :
http://www.searchengines.pl/Infekcje-plikow-wykonywalnych-exe-dll-scr-t122692.html
Usuwanie infekcji plików wykonywalnych bez formatu

zastosuj pkt 1 zapisz sobie raport, potem pkt 2 czyszczenie z zewnątrz i na koniec Daj loga z combofixa ale zainstaluj wraz z nim konsolę odzyskiwania ( instrukcja programu ) + raport z Weba