Magania


(Scigaczxxx) #1

Z tym trojanem mam nastepujacy problem: zaczne od poczatku, mialem anty vira eseta stracil waznosc i po sciagnieciu kis 2010 wykryl mi ok 400 plikow zakazonych magania po czym usuna je. Przez pare dni byl spokoj ale teraz zrobilem skan i znowu bylo kilka plikow zainfekowanych, jak go teraz wywalic na dobre??

Prosze o pomoc.


(jessica) #2

Użyj szczepionki >Panda Vaccine

Potem:

Daj log z OTL

jessi


(Scigaczxxx) #3

OTL logfile created on: 2009-12-30 15:21:44 - Run 1

OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\Rzeznik 1\Pulpit

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free

4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free

Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 24,41 Gb Total Space | 8,68 Gb Free Space | 35,55% Space Free | Partition Type: NTFS

Drive D: | 87,37 Gb Total Space | 23,57 Gb Free Space | 26,98% Space Free | Partition Type: NTFS

Drive E: | 74,52 Gb Total Space | 0,94 Gb Free Space | 1,26% Space Free | Partition Type: NTFS

Drive F: | 951,56 Mb Total Space | 950,74 Mb Free Space | 99,91% Space Free | Partition Type: FAT32

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: RZEZNIK

Current User Name: Rzeznik 1

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2009-12-30 15:09:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rzeznik 1\Pulpit\OTL.exe

PRC - [2009-12-16 22:14:29 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-10-20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe

PRC - [2009-10-20 19:34:38 | 00,207,376 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe

PRC - [2009-03-27 09:03:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

PRC - 2008-09-15 22:51:11 | 00,066,872 | ---- | M -- C:\WINDOWS\system32\PnkBstrA.exe

PRC - [2008-07-25 18:54:27 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2008-06-10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

PRC - [2008-04-01 10:39:48 | 00,486,856 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe

PRC - 2008-03-25 21:27:58 | 00,049,152 | ---- | M -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

PRC - 2008-03-13 09:34:28 | 00,081,920 | ---- | M -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe

PRC - [2007-07-11 14:57:42 | 00,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

PRC - 2007-06-13 07:16:02 | 00,528,384 | R--- | M -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

PRC - [2007-03-16 02:23:20 | 00,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe

PRC - 2007-02-13 15:20:50 | 01,205,840 | ---- | M -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

PRC - [2007-02-11 00:24:14 | 00,270,336 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe

PRC - [2004-08-04 01:44:30 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe

PRC - [2004-08-04 01:44:20 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2003-06-09 03:07:00 | 00,028,672 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE

PRC - [2000-06-26 06:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe

PRC - [1999-12-13 00:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE

========== Modules (SafeList) ==========

MOD - [2009-12-30 15:09:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rzeznik 1\Pulpit\OTL.exe

MOD - [2007-02-10 22:49:36 | 00,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\WINDOWS\system32\Amhooker.dll

MOD - [2004-08-04 01:42:34 | 01,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

MOD - [2003-06-09 03:07:08 | 00,057,344 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL

========== Win32 Services (SafeList) ==========

SRV - [2009-10-20 19:39:28 | 00,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)

SRV - 2009-05-01 21:22:57 | 00,182,768 | ---- | M [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - [2009-03-27 09:03:00 | 00,163,908 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)

SRV - 2008-09-15 22:51:11 | 00,066,872 | ---- | M [Auto | Running] -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)

SRV - [2008-03-25 21:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)

SRV - [2008-03-25 20:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)

SRV - 2008-02-28 11:53:18 | 00,053,248 | ---- | M [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)

SRV - 2008-02-28 11:53:18 | 00,043,520 | ---- | M [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)

SRV - [2005-04-03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2000-06-26 06:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\MsPMSPSv.exe -- (WMDM PMSP Service)

SRV - [1999-12-13 00:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)

========== Driver Services (SafeList) ==========

DRV - [2009-12-27 23:19:36 | 00,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)

DRV - [2009-10-14 20:18:34 | 00,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)

DRV - [2009-10-02 18:39:44 | 00,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2009-09-14 13:42:46 | 00,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)

DRV - [2009-09-01 14:29:50 | 00,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)

DRV - [2009-03-27 09:03:00 | 06,280,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2008-09-16 19:00:39 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - 2008-09-15 06:54:09 | 00,717,296 | ---- | M [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)

DRV - [2008-07-23 18:07:07 | 00,014,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)

DRV - 2008-01-24 22:22:08 | 00,021,568 | R--- | M [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)

DRV - 2008-01-24 22:22:07 | 00,016,496 | R--- | M [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)

DRV - 2008-01-24 22:22:06 | 00,049,920 | R--- | M [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)

DRV - [2007-06-19 08:51:20 | 00,107,304 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm)

DRV - [2007-06-19 08:51:18 | 00,099,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)

DRV - 2007-06-19 08:51:18 | 00,097,704 | R--- | M [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)

DRV - [2007-06-19 08:51:18 | 00,097,320 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex)

DRV - [2007-06-19 08:51:18 | 00,021,928 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)

DRV - [2007-06-19 08:51:18 | 00,013,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl)

DRV - [2007-06-19 08:51:16 | 00,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)

DRV - [2007-02-10 02:05:08 | 00,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amps2prt.sys -- (Amps2prt)

DRV - [2007-01-04 12:48:04 | 00,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)

DRV - [2007-01-04 12:47:48 | 00,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)

DRV - 2006-11-22 07:01:00 | 00,250,496 | ---- | M [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)

DRV - [2006-11-21 19:27:58 | 00,043,648 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)

DRV - 2006-02-08 04:52:58 | 00,006,912 | R--- | M [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)

DRV - [2004-08-03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)

DRV - [2004-08-03 22:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)

DRV - 2004-04-30 08:37:02 | 00,160,640 | ---- | M [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)

DRV - 2004-04-30 08:33:00 | 00,005,248 | ---- | M [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)

DRV - [2003-06-09 02:45:04 | 00,116,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)

DRV - [2003-06-09 02:44:52 | 00,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)

DRV - [2003-06-09 02:44:36 | 00,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)

DRV - [2003-06-09 02:44:32 | 00,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)

DRV - [2003-06-09 02:44:22 | 00,494,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)

DRV - [2003-06-09 02:42:58 | 00,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)

DRV - [2003-06-09 02:42:44 | 00,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)

DRV - [2003-06-09 02:42:28 | 00,819,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)

DRV - [2003-03-05 11:19:28 | 00,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)

DRV - [2001-08-18 00:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2001-08-17 20:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sterownik filtru USB Sony (SONYPVU1)

DRV - [2001-08-17 20:19:20 | 00,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/default

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.2

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.8.5

FF - prefs.js..extensions.enabledItems: timetrack@usablehack.com:1.2.4

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736

FF - HKLM\software\mozilla\Firefox\Extensions\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-03-22 14:01:16 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009-12-22 12:44:07 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-16 22:14:35 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

FF - HKLM\software\mozilla\Thunderbird\Extensions\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2009-12-27 23:01:47 | 00,000,000 | ---D | M]

[2008-07-23 18:54:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Mozilla\Extensions

[2009-12-29 16:49:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Mozilla\Firefox\Profiles\2rn4ms4x.default\extensions

2008-11-15 21:50:04 | 00,000,000 | ---D | M -- C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Mozilla\Firefox\Profiles\2rn4ms4x.default\extensions{73a6fe31-595d-460b-a920-fcc0f8843232}

2008-11-15 21:38:36 | 00,000,000 | ---D | M -- C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Mozilla\Firefox\Profiles\2rn4ms4x.default\extensions{a7c6cf7f-112c-4500-a7ea-39801a327e5f}

[2008-11-15 21:38:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Mozilla\Firefox\Profiles\2rn4ms4x.default\extensions\timetrack@usablehack.com

[2009-12-29 16:49:20 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009-12-27 23:02:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

2009-07-23 16:14:48 | 00,002,767 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

2009-03-05 12:57:13 | 00,001,406 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

2009-03-05 12:57:13 | 00,000,917 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

2009-03-05 12:57:13 | 00,000,858 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

2009-03-05 12:57:13 | 00,001,183 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

2009-03-05 12:57:13 | 00,001,683 | ---- | M -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: (161317 bytes) - C:\WINDOWS\system32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 abcsearch.com

O1 - Hosts: 127.0.0.1 admin.abcsearch.com

O1 - Hosts: 127.0.0.1 www3.abcsearch.com #[browseraid]

O1 - Hosts: 127.0.0.1 www.abcsearch.com

O1 - Hosts: 127.0.0.1 abc517.net #[Trojan.Mitglieder.H]

O1 - Hosts: 127.0.0.1 acestats.com

O1 - Hosts: 127.0.0.1 www.acestats.com

O1 - Hosts: 127.0.0.1 actualnames.com #[Parasite.ActualNames]

O1 - Hosts: 127.0.0.1 www.actualnames.com

O1 - Hosts: 127.0.0.1 ad-up.com

O1 - Hosts: 127.0.0.1 www.ad-up.com

O1 - Hosts: 127.0.0.1 adatom.com

O1 - Hosts: 127.0.0.1 aesp.adatom.com

O1 - Hosts: 127.0.0.1 adbest.com

O1 - Hosts: 127.0.0.1 adserv.adbonus.com

O1 - Hosts: 127.0.0.1 www.adbonus.com

O1 - Hosts: 127.0.0.1 www.adblaster2.info #[Restricted Zone site]

O1 - Hosts: 127.0.0.1 ad2.adcept.net

O1 - Hosts: 127.0.0.1 ad3.adcept.net

O1 - Hosts: 127.0.0.1 www.adcept.net

O1 - Hosts: 127.0.0.1 adcomplete.com

O1 - Hosts: 127.0.0.1 www.adcomplete.com

O1 - Hosts: 127.0.0.1 www.adcopy.info

O1 - Hosts: 127.0.0.1 ads.adcorps.com

O1 - Hosts: 4671 more lines...

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()

O2 - BHO: (My Global Search Bar BHO) - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)

O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll (GG Network S.A.)

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3 - HKLM..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM..\Toolbar: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKCU..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU..\Toolbar\ShellBrowser: (My Global Search Bar) - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL (My Global Search)

O3 - HKCU..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe (Gigabyte Technology Corp.)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)

O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)

O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe ()

O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [updReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)

O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found

O4 - HKCU..\Run: [cdoosoft] C:\DOCUME~1\RZEZNI~1\USTAWI~1\Temp\herss.exe File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)

O4 - HKCU..\Run: [eyeBeam SIP Client] File not found

O4 - HKCU..\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)

O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: Zaznaczanie HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl.sun.com/webapps/download/ ... leId=23100 (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - 2008-07-23 17:21:09 | 00,000,000 | ---- | M - C:\AUTOEXEC.BAT -- [NTFS]

O32 - AutoRun File - [2008-07-23 19:38:33 | 00,000,000 | ---D | M] - C:\Automap -- [NTFS]

O32 - AutoRun File - 2009-12-28 15:20:08 | 00,000,063 | RHS- | M - C:\autorun.inf -- [NTFS]

O32 - AutoRun File - 2009-12-28 15:20:08 | 00,000,063 | RHS- | M - D:\autorun.inf -- [NTFS]

O32 - AutoRun File - 2009-12-28 15:20:08 | 00,000,063 | RHS- | M - E:\autorun.inf -- [NTFS]

O32 - AutoRun File - 2009-12-30 15:12:22 | 00,000,016 | -H-- | M - F:\AUTORUN.INF -- [FAT32]

O33 - MountPoints2{c5240a59-58e0-11dd-ba03-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2{c5240a59-58e0-11dd-ba03-806d6172696f}\Shell\AutoRun\command - "" = E:\SETUP.EXE -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-30 15:11:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Panda Security

[2009-12-30 15:11:44 | 00,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine

[2009-12-30 15:09:32 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rzeznik 1\Pulpit\OTL.exe

[2009-12-27 23:01:09 | 00,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab

[2009-12-27 23:01:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab

[2009-12-27 23:00:42 | 00,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2009-12-27 22:48:29 | 76,184,928 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Rzeznik 1\Pulpit\kis9.0.0.736pl(2).exe

[2009-12-21 16:07:29 | 00,000,000 | ---D | C] -- C:\Program Files\A4Tech

[2009-12-21 16:07:15 | 00,036,864 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\Amhooker.dll

[2009-12-21 16:07:15 | 00,014,336 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amps2prt.sys

[2009-12-21 16:07:15 | 00,013,824 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amusbprt.sys

[2009-12-21 16:07:15 | 00,010,240 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Arfumx86.sys

[2009-12-21 16:07:15 | 00,008,704 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amfilter.sys

[2009-12-21 16:07:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rzeznik 1\Pulpit\2X-WheelA780

[2009-12-21 16:04:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rzeznik 1\Ustawienia lokalne\Dane aplikacji\Help

[2009-12-21 16:04:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rzeznik 1\Dane aplikacji\Help

[2009-12-19 14:48:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rzeznik 1\Pulpit\xxxxxx

[2009-12-18 19:24:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rzeznik 1\Ustawienia lokalne\Dane aplikacji\Blizzard Entertainment

[2009-12-07 08:57:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Rzeznik 1\Pulpit\dor

2009-09-24 17:39:24 | 00,160,640 | ---- | C -- C:\WINDOWS\System32\drivers\a347bus.sys

2009-09-24 17:39:24 | 00,005,248 | ---- | C -- C:\WINDOWS\System32\drivers\a347scsi.sys

[2009-09-09 15:57:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET

2008-07-23 18:17:31 | 00,065,536 | ---- | C -- C:\WINDOWS\System32\a3d.dll

[2008-07-23 17:24:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-07-23 17:24:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2008-07-23 17:20:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2008-07-23 17:20:48 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[5 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files - Modified Within 30 Days ==========

2009-12-30 15:19:23 | 00,216,218 | ---- | M -- C:\WINDOWS\System32\nvapps.xml

2009-12-30 15:18:32 | 00,000,006 | -H-- | M -- C:\WINDOWS\tasks\SA.DAT

2009-12-30 15:18:26 | 00,002,048 | --S- | M -- C:\WINDOWS\bootstat.dat

2009-12-30 15:17:41 | 06,815,744 | -H-- | M -- C:\Documents and Settings\Rzeznik 1\NTUSER.DAT

2009-12-30 15:17:40 | 00,029,004 | ---- | M -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000002-80671102}.rfx

2009-12-30 15:17:40 | 00,029,004 | ---- | M -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000002-80671102}.rfx

2009-12-30 15:17:40 | 00,017,428 | ---- | M -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000002-80671102}.rfx

2009-12-30 15:17:40 | 00,017,428 | ---- | M -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000000-00001102-00000002-80671102}.rfx

2009-12-30 15:17:40 | 00,001,080 | ---- | M -- C:\WINDOWS\System32\settingsbkup.sfm

2009-12-30 15:17:40 | 00,001,080 | ---- | M -- C:\WINDOWS\System32\settings.sfm

2009-12-30 15:17:40 | 00,000,288 | ---- | M -- C:\WINDOWS\System32\DVCStateBkp-{00000005-00000000-00000000-00001102-00000002-80671102}.dat

2009-12-30 15:17:40 | 00,000,288 | ---- | M -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000000-00001102-00000002-80671102}.dat

2009-12-30 15:17:19 | 03,382,479 | ---- | M -- C:\WINDOWS{00000005-00000000-00000000-00001102-00000002-80671102}.CDF

2009-12-30 15:17:19 | 03,382,479 | ---- | M -- C:\WINDOWS{00000005-00000000-00000000-00001102-00000002-80671102}.BAK

[2009-12-30 15:09:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rzeznik 1\Pulpit\OTL.exe

2009-12-30 15:08:11 | 00,823,346 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\USBVaccine.zip

2009-12-30 09:15:54 | 00,000,543 | ---- | M -- C:\Documents and Settings\All Users\Pulpit\World of Warcraft.lnk

2009-12-29 23:54:20 | 00,000,292 | -HS- | M -- C:\Documents and Settings\Rzeznik 1\ntuser.ini

2009-12-28 20:05:37 | 00,021,870 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\18313.png

2009-12-28 15:20:08 | 00,000,063 | RHS- | M -- C:\autorun.inf

[2009-12-27 23:19:36 | 00,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

2009-12-27 23:02:11 | 00,108,059 | ---- | M -- C:\WINDOWS\System32\drivers\klin.dat

2009-12-27 23:02:11 | 00,095,259 | ---- | M -- C:\WINDOWS\System32\drivers\klick.dat

[2009-12-27 22:59:40 | 76,184,928 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Rzeznik 1\Pulpit\kis9.0.0.736pl(2).exe

2009-12-27 22:42:42 | 00,000,000 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\kis9.0.0.736pl.exe

2009-12-26 14:10:28 | 00,133,011 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\pre paid mastercard2.JPG

2009-12-26 14:09:17 | 00,153,390 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\pre paid mastercard.JPG

2009-12-21 16:07:03 | 01,460,099 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\2X-WheelA780.zip

2009-12-21 14:38:37 | 21,453,86496 | ---- | M -- C:\WINDOWS\MEMORY.DMP

2009-12-20 11:35:32 | 00,002,206 | ---- | M -- C:\WINDOWS\System32\wpa.dbl

2009-12-19 14:50:42 | 00,545,218 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\xxxxxx.rar

2009-12-19 13:03:20 | 00,246,754 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\Bartender4-4.4.2.zip

2009-12-18 20:22:08 | 05,346,768 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\QuestHelper-1.3.5.zip

2009-12-18 19:19:49 | 00,154,212 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\battle net hasla.JPG

2009-12-18 15:24:36 | 00,064,000 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2009-12-18 11:27:53 | 00,000,104 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\Skrót do Mój komputer.lnk

2009-12-11 16:36:33 | 00,245,754 | ---- | M -- C:\Documents and Settings\Rzeznik 1\Pulpit\xxxxxxx.JPG

[5 C:\WINDOWS*.tmp files -> C:\WINDOWS*.tmp ->]

[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]

========== Files Created - No Company Name ==========

2009-12-30 15:08:09 | 00,823,346 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\USBVaccine.zip

2009-12-28 20:05:37 | 00,021,870 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\18313.png

2009-12-28 12:07:15 | 00,000,063 | RHS- | C -- C:\autorun.inf

2009-12-27 23:02:11 | 00,108,059 | ---- | C -- C:\WINDOWS\System32\drivers\klin.dat

2009-12-27 23:02:11 | 00,095,259 | ---- | C -- C:\WINDOWS\System32\drivers\klick.dat

2009-12-27 22:42:42 | 00,000,000 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\kis9.0.0.736pl.exe

2009-12-26 14:10:28 | 00,133,011 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\pre paid mastercard2.JPG

2009-12-26 14:09:16 | 00,153,390 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\pre paid mastercard.JPG

2009-12-21 16:03:39 | 01,460,099 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\2X-WheelA780.zip

2009-12-21 15:48:49 | 02,770,951 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\Kopia tibiasoft_com_TibiaAutoSetup_1_19_8.exe

2009-12-21 14:13:39 | 00,006,528 | ---- | C -- C:\WINDOWS\System32\drivers\MOUSEWD.SYS

2009-12-19 14:50:41 | 00,545,218 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\xxxxxx.rar

2009-12-19 13:03:09 | 00,246,754 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\Bartender4-4.4.2.zip

2009-12-18 20:21:25 | 05,346,768 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\QuestHelper-1.3.5.zip

2009-12-18 19:19:48 | 00,154,212 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\battle net hasla.JPG

2009-12-18 11:27:53 | 00,000,104 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\Skrót do Mój komputer.lnk

2009-12-11 16:36:32 | 00,245,754 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Pulpit\xxxxxxx.JPG

2009-11-02 16:02:32 | 00,000,023 | ---- | C -- C:\WINDOWS\BlendSettings.ini

2009-03-27 09:03:00 | 01,724,416 | ---- | C -- C:\WINDOWS\System32\nvwdmcpl.dll

2009-03-27 09:03:00 | 01,503,232 | ---- | C -- C:\WINDOWS\System32\nview.dll

2009-03-27 09:03:00 | 01,101,824 | ---- | C -- C:\WINDOWS\System32\nvwimg.dll

2009-03-27 09:03:00 | 00,466,944 | ---- | C -- C:\WINDOWS\System32\nvshell.dll

2009-03-22 18:23:01 | 00,000,427 | ---- | C -- C:\WINDOWS\ODBC.INI

2009-03-22 13:56:20 | 00,001,204 | ---- | C -- C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log

2008-09-15 22:51:23 | 00,022,328 | ---- | C -- C:\WINDOWS\System32\drivers\PnkBstrK.sys

2008-09-15 06:54:09 | 00,717,296 | ---- | C -- C:\WINDOWS\System32\drivers\sptd.sys

2008-09-14 16:52:45 | 00,064,000 | ---- | C -- C:\Documents and Settings\Rzeznik 1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2008-07-24 17:40:57 | 00,000,754 | ---- | C -- C:\WINDOWS\WORDPAD.INI

2008-07-23 19:25:51 | 00,163,840 | ---- | C -- C:\WINDOWS\System32\unrar.dll

2008-07-23 19:25:47 | 01,559,040 | ---- | C -- C:\WINDOWS\System32\xvidcore.dll

2008-07-23 19:25:47 | 00,282,624 | ---- | C -- C:\WINDOWS\System32\xvidvfw.dll

2008-07-23 19:25:46 | 03,596,288 | ---- | C -- C:\WINDOWS\System32\qt-dx331.dll

2008-07-23 19:25:45 | 00,000,547 | ---- | C -- C:\WINDOWS\System32\ff_vfw.dll.manifest

2008-07-23 19:25:44 | 00,007,680 | ---- | C -- C:\WINDOWS\System32\ff_vfw.dll

2008-07-23 18:38:05 | 00,000,169 | ---- | C -- C:\WINDOWS\adidsl.ini

2008-07-23 18:38:05 | 00,000,021 | ---- | C -- C:\WINDOWS\Fast800.ini

2008-07-23 18:38:00 | 00,000,990 | ---- | C -- C:\WINDOWS\adiras.ini

2008-07-23 18:37:55 | 00,200,704 | ---- | C -- C:\WINDOWS\System32\coclassfast.dll

2008-07-23 18:37:55 | 00,046,892 | ---- | C -- C:\WINDOWS\System32\ADADIX16.DLL

2008-07-23 18:18:16 | 00,000,231 | ---- | C -- C:\WINDOWS\AC3API.INI

2008-07-23 18:17:43 | 00,035,674 | ---- | C -- C:\WINDOWS\System32\Emu10kx.ini

2008-07-23 18:17:43 | 00,000,029 | ---- | C -- C:\WINDOWS\System32\ctzapxx.ini

2008-07-23 18:17:36 | 00,005,515 | ---- | C -- C:\WINDOWS\System32\ENSDEF.INI

2008-07-23 18:17:36 | 00,000,192 | ---- | C -- C:\WINDOWS\System32\KILL.INI

2008-07-23 18:17:18 | 00,000,307 | ---- | C -- C:\WINDOWS\SBWIN.INI

2004-08-04 01:44:00 | 00,081,920 | ---- | C -- C:\WINDOWS\System32\ieencode.dll

< End of report >


(jessica) #4

Dziwne, że szczepionka nie usunęła głównych plików infekcji!

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

Kliknij w Run Fix. Zatwierdź restart komputera.

Następnie uruchom OTL ponownie, tym razem wywołaj opcję Run Scan.

Pokaż nowy log OTL.txt oraz log z czyszczenia.

Log wklej na http://wklejto.pl/, a w poście daj tylko link.(czyli skopiuj adres z paska adresów)

jessi


(Scigaczxxx) #5

log z czyszczenia http://www.wklejto.pl/51958

log ze scanu http://www.wklejto.pl/51959


(jessica) #6

Jak Ty wkleiłeś te logi, że są nie do odczytania?

Popatrz w innych tematach, jak wyglądają logi, i porównaj to ze swoimi!

jessi


(PWmeess) #7

@jessica

zmień sobie na dole strony format z txt na png - to wtedy da się odczytać :slight_smile:

Swoją drogą nie wiem jak on to wkleił :smiley:


(deFco247) #8

Przez Przeglądaj... :wink:

Na wklejto.pl należy ręcznie kopiować zawartość logów w pole do wklejania tekstu.


(Scigaczxxx) #9

sorki nie wiedzialem

z czyszczenia http://www.wklejto.pl/52009

ze skanu http://www.wklejto.pl/52010


(jessica) #10

Jest OK.

W OTL kliknij na przycisk "CleanUp" - to go usunie razem z jego Kwarantanną.

..


(Monczkin) #11

ballon , przeczytaj ten temat i popraw tytuł oraz posty z logami. Inaczej zostanie usunięty.

zasady-wklejania-logow-forum-tytulowania-tematow-t253052.html