Psw.sboy.a log poraz kolejny http://www.wklejto.pl/44435

witam

po odszukaniu informacji na temat psw.sboya postanowilem zabrac sie za usunięcie robala:D aczkolwiek jestem laikiem w dziedzinie logów zainstalowwałem hi jack tu jest log http://www.wklejto.pl/44435 wykasowałem :

F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE

O4 - HKCU…\Run: [EXPLORER.EXE] EXPLORER.EXE

bo temat opisywany byl wczesniej po uruchomieniu mks vira udało się niby usunąć ale widzę po zeskanowaniu w hijacku ze jeszcze jest:/ komputer zaczął poprawnie pracować przynajmniej tak mi się wydaje mam znowu dostęp do dysków twardych ale coś tam może siedzieć proszę o poradę dzięki bardzo i pozdrawiam

W logu widać infekcję z pendrive’a, więc :

Daj log z OTL

jessi

http://www.wklejto.pl/44436 chyba czas poduczyć się logów wielkie dzięki jessi

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

Kliknij w Run Fix. Zatwierdź restart komputera.

Następnie uruchom OTL ponownie, tym razem wywołaj opcję Run Scan.

Pokaż nowy log OTL.txt oraz log z czyszczenia.

jessi

skadowałem log z oczyszczenia niechcący;/ a tu jest OTL

OTL logfile created on: 2009-10-15 12:10:28 - Run 2

OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\szester\Pulpit

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

255,30 Mb Total Physical Memory | 43,87 Mb Available Physical Memory | 17,18% Memory free

618,01 Mb Paging File | 393,81 Mb Available in Paging File | 63,72% Paging File free

Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 17,58 Gb Total Space | 12,21 Gb Free Space | 69,44% Space Free | Partition Type: NTFS

Drive D: | 19,68 Gb Total Space | 10,23 Gb Free Space | 52,01% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: BROWN

Current User Name: szester

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-10-15 09:50:33 | 00,521,216 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\szester\Pulpit\OTL.exe

PRC - [2009-08-28 13:13:02 | 00,832,808 | ---- | M] (Opera Software) – C:\Program Files\Opera\Opera.exe

PRC - [2009-02-27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

PRC - [2008-09-27 23:04:00 | 00,143,168 | ---- | M] (ConeXware, Inc.) – C:\Program Files\PowerArchiver\PASTARTER.EXE

PRC - [2008-07-09 09:05:20 | 00,919,016 | ---- | M] (Zone Labs, LLC) – C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

PRC - [2008-07-09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) – C:\WINDOWS\System32\ZoneLabs\vsmon.exe

PRC - [2007-10-30 22:37:22 | 01,654,784 | ---- | M] (Belkin) – C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe

PRC - [2004-08-04 00:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\wscntfy.exe

PRC - [2004-08-04 00:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\Explorer.EXE

PRC - [2004-04-15 15:05:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\System32\nvsvc32.exe

PRC - [2004-02-20 15:00:28 | 00,088,363 | ---- | M] (Agere Systems) – C:\WINDOWS\AGRSMMSG.exe

PRC - [2003-10-30 16:46:18 | 00,192,512 | ---- | M] (Alps Electric Co., Ltd.) – C:\Program Files\Apoint2K\Apoint.exe

PRC - [2003-09-26 15:43:16 | 00,184,320 | ---- | M] (Agere Systems) – C:\Program Files\ltmoh\Ltmoh.exe

PRC - [2003-02-26 11:08:42 | 00,045,056 | ---- | M] (Alps Electric Co., Ltd.) – C:\Program Files\Apoint2K\Apntex.exe

PRC - [2002-09-20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) – C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

========== Win32 Services (SafeList) ==========

SRV - [2008-07-09 09:05:18 | 00,075,304 | ---- | M] (Zone Labs, LLC) – C:\WINDOWS\System32\ZoneLabs\vsmon.exe – (vsmon [Auto | Running])

SRV - [2005-09-23 07:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2005-09-23 07:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe – (aspnet_state [On_Demand | Stopped])

SRV - [2004-08-04 00:44:08 | 00,038,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll – (helpsvc [Auto | Running])

SRV - [2004-04-15 15:05:00 | 00,077,824 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\System32\nvsvc32.exe – (NVSvc [Auto | Running])

SRV - [2002-12-17 17:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) – C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe – (MSSQL$SONY_MEDIAMGR [On_Demand | Stopped])

SRV - [2002-12-17 17:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) – C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE – (SQLAgent$SONY_MEDIAMGR [On_Demand | Stopped])

SRV - [2002-12-17 17:23:30 | 00,066,112 | ---- | M] (Microsoft Corporation) – C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe – (MSSQLServerADHelper [On_Demand | Stopped])

SRV - [2002-09-20 16:50:10 | 00,045,056 | ---- | M] (Analog Devices, Inc.) – C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe – (SoundMAX Agent Service (default) [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2009-09-07 23:56:19 | 00,020,747 | ---- | M] (Meetinghouse Data Communications) – C:\WINDOWS\System32\DRIVERS\AegisP.sys – (AegisP [Auto | Running])

DRV - [2008-07-09 09:05:22 | 00,394,952 | ---- | M] (Zone Labs, LLC) – C:\WINDOWS\System32\vsdatant.sys – (vsdatant [system | Running])

DRV - [2008-02-27 03:10:44 | 00,051,176 | ---- | M] (Zone Labs, LLC) – C:\WINDOWS\system32\ZoneLabs\srescan.sys – (srescan [boot | Running])

DRV - [2007-10-02 04:06:40 | 00,451,968 | ---- | M] (Ralink Technology, Corp.) – C:\WINDOWS\System32\DRIVERS\rt73.sys – (RT73 [On_Demand | Stopped])

DRV - [2004-08-03 23:07:56 | 00,059,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\System32\drivers\usbaudio.sys – (usbaudio [On_Demand | Stopped])

DRV - [2004-07-17 11:36:38 | 00,027,440 | ---- | M] () – C:\WINDOWS\System32\DRIVERS\secdrv.sys – (Secdrv [On_Demand | Stopped])

DRV - [2004-04-15 15:05:00 | 01,376,268 | ---- | M] (NVIDIA Corporation) – C:\WINDOWS\System32\DRIVERS\nv4_mini.sys – (nv [On_Demand | Running])

DRV - [2004-02-20 15:00:44 | 01,265,388 | ---- | M] (Agere Systems) – C:\WINDOWS\System32\DRIVERS\AGRSM.sys – (AgereSoftModem [On_Demand | Running])

DRV - [2004-01-02 02:52:34 | 01,646,720 | ---- | M] (Intel® Corporation) – C:\WINDOWS\System32\DRIVERS\w22n51.sys – (w22n51 [On_Demand | Running])

DRV - [2003-12-10 17:11:26 | 00,100,153 | ---- | M] (Alps Electric Co., Ltd.) – C:\WINDOWS\System32\DRIVERS\Apfiltr.sys – (ApfiltrService [On_Demand | Running])

DRV - [2003-10-06 15:01:48 | 00,593,536 | ---- | M] (Analog Devices, Inc.) – C:\WINDOWS\System32\drivers\smwdm.sys – (smwdm [On_Demand | Running])

DRV - [2003-07-03 14:15:20 | 00,100,256 | ---- | M] (Andrea Electronics Corporation) – C:\WINDOWS\System32\drivers\aeaudio.sys – (aeaudio [On_Demand | Running])

DRV - [2003-06-11 08:53:22 | 00,006,867 | ---- | M] () – C:\WINDOWS\System32\drivers\TBiosDrv.sys – (TBiosDrv [Auto | Running])

DRV - [2002-09-25 06:09:12 | 00,140,800 | ---- | M] (Intel Corporation) – C:\WINDOWS\System32\DRIVERS\e100b325.sys – (E100B [On_Demand | Running])

DRV - [2001-08-17 21:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) – C:\WINDOWS\System32\DRIVERS\ptilink.sys – (Ptilink [On_Demand | Running])

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl … ar=msnhome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl … r=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl … r=iesearch

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl … r=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

O1 HOSTS File: (742 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (ZoneAlarm Spy Blocker BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O3 - HKLM…\Toolbar: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O3 - HKCU…\Toolbar\WebBrowser: (ZoneAlarm Spy Blocker) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL (ZoneAlarm)

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM…\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)

O4 - HKLM…\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM…\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)

O4 - HKLM…\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (Agere Systems)

O4 - HKLM…\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM…\Run: [NVRotateSysTray] C:\WINDOWS\System32\nvsysrot.DLL (NVIDIA Corporation)

O4 - HKLM…\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)

O4 - HKLM…\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)

O4 - HKCU…\Run: [NVIEW] C:\WINDOWS\System32\nview.DLL (NVIDIA Corporation)

O4 - HKCU…\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE (ConeXware, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra ‘Tools’ menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.228.6.43 89.228.6.83

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-09-02 18:04:38 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

O35 - comfile [open] – “%1” %* File not found

O35 - exefile [open] – “%1” %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009-09-22 16:41:18 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Adobe

[2009-10-07 15:11:56 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\ConeXware

[2009-09-21 15:42:30 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\MailFrontier

[2009-09-21 21:04:58 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Skype

[2009-10-07 16:04:04 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Sony

[2009-09-22 13:59:31 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Soulseek

[2009-09-21 15:56:40 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Adobe

[2009-09-21 14:19:58 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\dvdcss

[2009-10-14 08:47:34 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\GHISLER

[2009-09-21 15:56:41 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Macromedia

[2009-10-07 16:35:14 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\NetMedia Providers

[2009-09-21 16:01:09 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Nowe Gadu-Gadu

[2009-09-21 15:48:16 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Opera

[2009-10-07 16:35:14 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Publish Providers

[2009-09-21 21:07:05 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Skype

[2009-09-21 21:16:32 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\skypePM

[2009-10-07 16:04:49 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Sony

[2009-10-07 15:34:25 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Sony Setup

[2009-09-24 19:14:16 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\Winamp

[2009-10-07 15:03:38 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Dane aplikacji\WinRAR

[2009-09-22 17:16:42 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\Adobe

[2009-09-21 16:04:11 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\cache

[2009-09-21 15:48:17 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\Opera

[2009-10-07 16:35:04 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\Sony

[2009-09-22 16:40:15 | 00,000,000 | —D | C] – C:\Program Files\Common Files\Adobe

[2009-09-21 21:06:08 | 00,000,000 | —D | C] – C:\Program Files\Common Files\Skype

[2009-09-22 16:40:14 | 00,000,000 | —D | C] – C:\Program Files\Adobe

[2009-10-11 08:45:44 | 00,000,000 | —D | C] – C:\Program Files\Audacity

[2009-10-11 11:45:23 | 00,000,000 | —D | C] – C:\Program Files\coolpro2

[2009-09-23 20:56:31 | 00,000,000 | —D | C] – C:\Program Files\Gadu-Gadu

[2009-10-07 16:05:15 | 00,000,000 | —D | C] – C:\Program Files\Microsoft SQL Server

[2009-09-21 15:47:49 | 00,000,000 | —D | C] – C:\Program Files\Opera

[2009-10-07 15:11:14 | 00,000,000 | —D | C] – C:\Program Files\PowerArchiver

[2009-10-14 09:07:06 | 00,000,000 | —D | C] – C:\Program Files\SkanerOnline

[2009-09-21 21:06:06 | 00,000,000 | R–D | C] – C:\Program Files\Skype

[2009-10-07 16:01:31 | 00,000,000 | —D | C] – C:\Program Files\Sony

[2009-10-07 15:28:46 | 00,000,000 | —D | C] – C:\Program Files\Sony Setup

[2009-09-22 13:59:14 | 00,000,000 | —D | C] – C:\Program Files\SoulseekNS

[2009-10-14 10:30:20 | 00,000,000 | —D | C] – C:\Program Files\Trend Micro

[2009-10-07 16:02:35 | 00,000,000 | —D | C] – C:\Program Files\Vstplugins

[2009-09-24 19:14:16 | 00,000,000 | —D | C] – C:\Program Files\Winamp

[2009-10-07 15:03:28 | 00,000,000 | —D | C] – C:\Program Files\WinRAR

[2009-09-21 15:28:22 | 00,000,000 | —D | C] – C:\Program Files\Zone Labs

[2009-09-21 15:43:59 | 00,000,000 | —D | C] – C:\Program Files\ZoneAlarmSB

[2009-10-15 12:05:59 | 00,000,000 | —D | C] – C:_OTL

[2009-10-15 09:50:31 | 00,521,216 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\szester\Pulpit\OTL.exe

[2009-10-14 10:24:57 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Pulpit\hijack

[2009-10-14 08:47:34 | 00,000,000 | —D | C] – C:\totalcmd

[2009-10-14 08:46:27 | 03,211,616 | ---- | C] (Ghisler Software GmbH) – C:\Documents and Settings\szester\Pulpit\tcmd750a.exe

[2009-10-13 20:14:32 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Pulpit\rag_and_bone-warlock-totter015-vinyl-2007-bass

[2009-10-13 19:36:24 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Pulpit\project

[2009-10-13 16:57:38 | 00,070,144 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\AhnRpta.exe

[2009-10-11 11:47:04 | 00,665,424 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\wmv8dmoe.dll

[2009-10-11 11:47:04 | 00,572,752 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\wmvdmoe.dll

[2009-10-11 11:47:04 | 00,438,608 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\wmv8dmod.dll

[2009-10-11 11:47:03 | 01,683,792 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\wmvcore2.dll

[2009-10-11 11:47:03 | 00,285,184 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\wmidx2.ocx

[2009-10-11 10:54:25 | 00,014,048 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\spmsg.dll

[2009-10-11 10:45:30 | 00,000,000 | —D | C] – C:\WINDOWS\System32\drivers\UMDF

[2009-10-11 10:44:53 | 00,023,856 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\spupdsvc.exe

[2009-10-07 16:36:13 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Moje dokumenty\Sony Media Libraries

[2009-10-07 16:35:04 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Moje dokumenty\Sony ACID Pro 6.0 Projects

[2009-10-07 16:06:27 | 00,033,340 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dbmsqlgc.dll

[2009-10-07 16:06:27 | 00,024,576 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dbmsgnet.dll

[2009-10-07 16:01:33 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Moje dokumenty\Sony

[2009-10-07 15:44:47 | 00,000,000 | R-SD | C] – C:\WINDOWS\assembly

[2009-10-07 15:42:47 | 00,000,000 | —D | C] – C:\WINDOWS\Microsoft.NET

[2009-10-07 15:11:56 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Moje dokumenty\Backups

[2009-10-03 08:20:06 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Pulpit\Uproot (2008)

[2009-09-27 16:28:29 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Moje dokumenty\Soulseek Chat Logs

[2009-09-23 12:23:50 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Pulpit\Nowy folder (2)

[2009-09-21 20:38:39 | 00,000,000 | —D | C] – C:\Documents and Settings\szester\Pulpit\Nowy folder

[2009-09-21 15:42:14 | 00,075,248 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\zllsputility.exe

[2009-09-21 15:42:13 | 00,011,264 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\SpOrder.dll

[2009-09-21 15:41:59 | 00,071,144 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsregexp.dll

[2009-09-21 15:41:57 | 00,071,144 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\zlcommdb.dll

[2009-09-21 15:41:56 | 00,083,432 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\zlcomm.dll

[2009-09-21 15:41:44 | 00,046,568 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vswmi.dll

[2009-09-21 15:41:43 | 01,086,952 | ---- | C] (Python Software Foundation) – C:\WINDOWS\System32\zpeng24.dll

[2009-09-21 15:41:43 | 00,275,944 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vspubapi.dll

[2009-09-21 15:41:43 | 00,103,912 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsmonapi.dll

[2009-09-21 15:41:43 | 00,099,816 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsxml.dll

[2009-09-21 15:41:43 | 00,000,000 | —D | C] – C:\WINDOWS\System32\ZoneLabs

[2009-09-21 15:41:42 | 00,394,952 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsdatant.sys

[2009-09-21 15:41:14 | 00,472,552 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsutil.dll

[2009-09-21 15:41:14 | 00,157,160 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsinit.dll

[2009-09-21 15:41:14 | 00,083,432 | ---- | C] (Zone Labs, LLC) – C:\WINDOWS\System32\vsdata.dll

[2009-09-21 15:27:50 | 00,000,000 | —D | C] – C:\WINDOWS\Internet Logs

[2009-09-20 13:53:11 | 00,059,264 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\drivers\USBAUDIO.sys

[2009-09-20 13:53:11 | 00,059,264 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\usbaudio.sys

[2009-09-20 13:53:04 | 00,031,616 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\drivers\usbccgp.sys

[2009-09-20 13:53:04 | 00,031,616 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\dllcache\usbccgp.sys

========== Files - Modified Within 30 Days ==========

[2009-10-15 12:09:00 | 00,352,918 | ---- | M] () – C:\WINDOWS\System32\vsconfig.xml

[2009-10-15 12:08:42 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT

[2009-10-15 12:08:35 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat

[2009-10-15 12:07:18 | 04,299,420 | -H-- | M] () – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-10-15 09:50:33 | 00,521,216 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\szester\Pulpit\OTL.exe

[2009-10-14 21:42:00 | 00,117,640 | ---- | M] () – C:\test.htm

[2009-10-14 15:42:37 | 00,002,267 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2009-10-14 12:40:26 | 30,229,632 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\jadyma ELO.mp3

[2009-10-14 10:42:40 | 00,000,671 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\FIX.REG

[2009-10-14 10:30:21 | 00,001,734 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\HijackThis.lnk

[2009-10-14 08:47:39 | 00,000,548 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\Total Commander.lnk

[2009-10-14 08:46:36 | 03,211,616 | ---- | M] (Ghisler Software GmbH) – C:\Documents and Settings\szester\Pulpit\tcmd750a.exe

[2009-10-13 23:04:35 | 04,861,984 | -HS- | M] () – C:\WINDOWS\System32\drivers\fidbox.dat

[2009-10-13 16:35:08 | 00,054,528 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\jadyma.acd-bak

[2009-10-13 15:54:42 | 00,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl

[2009-10-13 15:54:00 | 00,057,536 | -HS- | M] () – C:\WINDOWS\System32\drivers\fidbox.idx

[2009-10-13 15:52:27 | 00,054,520 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\jadyma.acd

[2009-10-13 14:38:17 | 00,054,520 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\jadyma.acd-bak-bak

[2009-10-11 18:38:30 | 20,848,956 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\jadyma.mp3

[2009-10-11 11:47:20 | 00,000,507 | ---- | M] () – C:\WINDOWS\win.ini

[2009-10-11 11:47:20 | 00,000,259 | ---- | M] () – C:\WINDOWS\system.ini

[2009-10-11 11:47:07 | 00,156,910 | ---- | M] () – C:\WINDOWS\WMSysPr8.prx

[2009-10-11 11:46:50 | 00,000,682 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk

[2009-10-11 11:09:02 | 00,002,444 | ---- | M] () – C:\Documents and Settings\szester\Moje dokumenty\Register Sound Forge Pro.htm

[2009-10-11 11:04:59 | 00,001,733 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Sound Forge Pro 10.0.lnk

[2009-10-11 10:53:47 | 00,001,393 | ---- | M] () – C:\WINDOWS\imsins.BAK

[2009-10-11 10:53:03 | 00,316,640 | ---- | M] () – C:\WINDOWS\WMSysPr9.prx

[2009-10-11 10:46:47 | 00,000,000 | -H-- | M] () – C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-10-11 08:45:49 | 00,000,630 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\Audacity.lnk

[2009-10-07 16:41:40 | 00,002,540 | ---- | M] () – C:\Documents and Settings\szester\Moje dokumenty\Register ACID Pro.htm

[2009-10-07 16:06:38 | 00,466,416 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat

[2009-10-07 16:06:38 | 00,410,460 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat

[2009-10-07 16:06:38 | 00,082,332 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat

[2009-10-07 16:06:38 | 00,066,614 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat

[2009-10-07 16:06:37 | 00,987,606 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI

[2009-10-07 15:11:27 | 00,001,711 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\PowerArchiver.lnk

[2009-10-07 00:54:29 | 00,027,250 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\DJ-Rupture - Uproot (2008).zip

[2009-10-03 08:13:38 | 63,034,678 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\emil-dupstepmix.mp3

[2009-09-26 21:37:29 | 00,007,680 | ---- | M] () – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-09-25 18:51:03 | 00,198,486 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\drug wallpaper best green marijuana with shakespear quote(highq).jpg

[2009-09-25 18:50:22 | 00,536,223 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\StickyPointMagazine_05_1600.jpg

[2009-09-25 12:19:59 | 03,077,472 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\Tiago Benzinho - New Zealand.mp3

[2009-09-25 12:17:04 | 02,810,561 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\Tiago Benzinho - Suburbia.mp3

[2009-09-24 19:15:28 | 00,000,664 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Winamp.lnk

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\UC.PIF

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\RAR.PIF

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\PKZIP.PIF

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\PKUNZIP.PIF

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\NOCLOSE.PIF

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\LHA.PIF

[2009-09-24 07:50:10 | 00,000,545 | ---- | M] () – C:\WINDOWS\ARJ.PIF

[2009-09-23 20:56:40 | 00,000,653 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\Gadu-Gadu.lnk

[2009-09-22 16:42:11 | 00,001,729 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk

[2009-09-22 16:29:00 | 00,415,091 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\rozkladyZajecPrezentacja3.pdf

[2009-09-22 13:59:01 | 01,028,938 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\slsk157NS13e.exe

[2009-09-21 21:16:35 | 00,000,056 | -H-- | M] () – C:\WINDOWS\System32\ezsidmv.dat

[2009-09-21 15:47:55 | 00,000,592 | ---- | M] () – C:\Documents and Settings\All Users\Pulpit\Opera.lnk

[2009-09-21 15:43:58 | 00,004,212 | -H-- | M] () – C:\WINDOWS\System32\zllictbl.dat

[2009-09-21 15:04:11 | 00,000,154 | ---- | M] () – C:\Documents and Settings\szester\Pulpit\Skrót do Połączenia sieciowe.lnk

========== Files - No Company Name ==========

[2009-10-14 12:39:04 | 30,229,632 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\jadyma ELO.mp3

[2009-10-14 10:42:39 | 00,000,671 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\FIX.REG

[2009-10-14 10:30:21 | 00,001,734 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\HijackThis.lnk

[2009-10-14 08:47:39 | 00,000,548 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\Total Commander.lnk

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\UC.PIF

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\RAR.PIF

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\PKZIP.PIF

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\PKUNZIP.PIF

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\NOCLOSE.PIF

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\LHA.PIF

[2009-10-14 08:47:34 | 00,000,545 | ---- | C] () – C:\WINDOWS\ARJ.PIF

[2009-10-13 19:52:31 | 05,390,162 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\boreta - bubblin in the cut.mp3

[2009-10-13 19:43:54 | 06,826,653 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\akira kiteshi - pinball.mp3

[2009-10-13 19:42:42 | 05,381,942 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\05 - ghetto story remix.mp3

[2009-10-11 18:37:42 | 20,848,956 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\jadyma.mp3

[2009-10-11 16:35:17 | 00,054,528 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\jadyma.acd-bak

[2009-10-11 16:35:17 | 00,054,520 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\jadyma.acd-bak-bak

[2009-10-11 16:35:17 | 00,054,520 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\jadyma.acd

[2009-10-11 11:47:07 | 00,156,910 | ---- | C] () – C:\WINDOWS\WMSysPr8.prx

[2009-10-11 11:46:49 | 00,000,682 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Cool Edit Pro 2.0.lnk

[2009-10-11 11:09:02 | 00,002,444 | ---- | C] () – C:\Documents and Settings\szester\Moje dokumenty\Register Sound Forge Pro.htm

[2009-10-11 11:04:59 | 00,001,733 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Sound Forge Pro 10.0.lnk

[2009-10-11 10:46:47 | 00,000,000 | -H-- | C] () – C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[2009-10-11 08:45:49 | 00,000,630 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\Audacity.lnk

[2009-10-07 16:41:39 | 00,002,540 | ---- | C] () – C:\Documents and Settings\szester\Moje dokumenty\Register ACID Pro.htm

[2009-10-07 15:11:27 | 00,001,711 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\PowerArchiver.lnk

[2009-10-03 08:07:45 | 63,034,678 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\emil-dupstepmix.mp3

[2009-10-03 08:02:49 | 00,027,250 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\DJ-Rupture - Uproot (2008).zip

[2009-09-25 20:24:01 | 02,391,712 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\DSC00989.JPG

[2009-09-25 20:06:26 | 02,707,407 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\DSC01019.JPG

[2009-09-25 20:05:23 | 02,613,080 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\DSC01013.JPG

[2009-09-25 20:04:45 | 02,574,619 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\DSC01011.JPG

[2009-09-25 18:51:03 | 00,198,486 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\drug wallpaper best green marijuana with shakespear quote(highq).jpg

[2009-09-25 18:50:21 | 00,536,223 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\StickyPointMagazine_05_1600.jpg

[2009-09-25 12:19:46 | 03,077,472 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\Tiago Benzinho - New Zealand.mp3

[2009-09-25 12:16:51 | 02,810,561 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\Tiago Benzinho - Suburbia.mp3

[2009-09-24 23:35:31 | 00,117,640 | ---- | C] () – C:\test.htm

[2009-09-24 19:15:28 | 00,000,664 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Winamp.lnk

[2009-09-23 20:56:40 | 00,000,653 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\Gadu-Gadu.lnk

[2009-09-22 16:42:08 | 00,001,729 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Adobe Reader 9.lnk

[2009-09-22 16:25:23 | 00,415,091 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\rozkladyZajecPrezentacja3.pdf

[2009-09-22 13:58:52 | 01,028,938 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\slsk157NS13e.exe

[2009-09-21 21:16:35 | 00,000,056 | -H-- | C] () – C:\WINDOWS\System32\ezsidmv.dat

[2009-09-21 21:06:11 | 00,002,267 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Skype.lnk

[2009-09-21 15:47:55 | 00,000,592 | ---- | C] () – C:\Documents and Settings\All Users\Pulpit\Opera.lnk

[2009-09-21 15:45:23 | 04,861,984 | -HS- | C] () – C:\WINDOWS\System32\drivers\fidbox.dat

[2009-09-21 15:45:23 | 00,057,536 | -HS- | C] () – C:\WINDOWS\System32\drivers\fidbox.idx

[2009-09-21 15:42:24 | 00,004,212 | -H-- | C] () – C:\WINDOWS\System32\zllictbl.dat

[2009-09-21 15:41:59 | 00,796,048 | ---- | C] () – C:\WINDOWS\System32\libeay32_0.9.6l.dll

[2009-09-21 15:41:42 | 00,352,918 | ---- | C] () – C:\WINDOWS\System32\vsconfig.xml

[2009-09-21 15:04:11 | 00,000,154 | ---- | C] () – C:\Documents and Settings\szester\Pulpit\Skrót do Połączenia sieciowe.lnk

[2009-09-08 00:46:43 | 00,007,680 | ---- | C] () – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-09-08 00:46:31 | 00,001,115 | ---- | C] () – C:\WINDOWS\bestplayer.ini

[2009-09-07 23:56:14 | 00,005,224 | ---- | C] () – C:\WINDOWS\System32\ucuiinfo.ini

[2009-09-02 19:53:55 | 00,012,328 | ---- | C] () – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT

[2009-09-02 19:50:26 | 00,000,062 | -HS- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\desktop.ini

[2009-09-02 18:31:55 | 00,006,867 | ---- | C] () – C:\WINDOWS\System32\drivers\tbiosdrv.sys

[2009-09-02 18:21:46 | 00,016,384 | ---- | C] () – C:\WINDOWS\System32\e100bmsg.dll

[2009-09-02 18:20:00 | 00,128,113 | ---- | C] () – C:\WINDOWS\System32\csellang.ini

[2009-09-02 18:20:00 | 00,045,056 | ---- | C] () – C:\WINDOWS\System32\csellang.dll

[2009-09-02 18:20:00 | 00,010,165 | ---- | C] () – C:\WINDOWS\System32\tosmreg.ini

[2009-09-02 18:20:00 | 00,007,671 | ---- | C] () – C:\WINDOWS\System32\cseltbl.ini

[2009-09-02 18:16:59 | 04,299,420 | -H-- | C] () – C:\Documents and Settings\szester\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2009-09-02 18:11:22 | 00,000,062 | -HS- | C] () – C:\Documents and Settings\szester\Dane aplikacji\desktop.ini

[2004-08-04 00:44:00 | 00,081,920 | ---- | C] () – C:\WINDOWS\System32\ieencode.dll

[2004-07-17 11:36:38 | 00,027,440 | ---- | C] () – C:\WINDOWS\System32\drivers\secdrv.sys

[2001-07-21 22:16:20 | 00,000,507 | ---- | C] () – C:\WINDOWS\win.ini

[2001-07-21 22:15:52 | 00,000,259 | ---- | C] () – C:\WINDOWS\system.ini

< End of report >

Lepiej było dać ten log na “wklejto.pl”, a tu tylko link, ale to sprawa dla Moderatora.

Log jest czysty.

Teraz w OTL kliknij na przycisk “CleanUp”.

Usuń kopie szkodników z folderu “System Volume Information” poprzez chwilowe wyłączenie “Przywracania Systemu”:

jessi

sorry za wpis następnym razem wklejto wrzuce dzięki jess