Witam, szukalem na google i wyczytalem troche na temat svchost. Ale nadal nie wiem jak usunac. Mam taki problem na kompie ze jak wlacze w trybie awaryjnym to wyskakuje okienko ze za 60sek komputer zostanie uruchomiony ponownie. W trybie normalnym svchost obciaza procka w 100% i pewnie okienko tez by chcialo wyskoczyc, ale tak komputer obciazony jest ze nie moze sie zaladowac. Zauwazylem ze jesli odlacze internet to wtedy jest idealnie. Nie ma sladu ze byl jakis wirus.
Pokaż log z: OTL
Przestawiasz w nim Processes i Modules na All oraz wklejasz w dolne białe okienko Custom Scans/Fixes :
Klikasz Run Scan. - otl-gmer-rsit-dds-inne-instrukcje-t370405.html
– Dodane 26.12.2009 (So) 15:57 –
znalazlem ze jest to sizszyd32.exe. jak go skasowac? najlepiej jak by mozna bylo to zrobic recznie
Ściągnij -->Avenger.
wklej do niego ten tekst:
Files to delete:
E:\WINDOWS\System32\fjhdyfhsn.bat
E:\Documents and Settings\LocalService\Dane aplikacji\fvgqad.dat
E:\WINDOWS\System32\drivers\yecicaa.sys
E:\Documents and Settings\NetworkService\Dane aplikacji\fvgqad.dat
E:\Documents and Settings\Paweł\Dane aplikacji\avdrn.dat
E:\Documents and Settings\Paweł\Menu Start\Programy\Autostart\siszyd32.exe
E:\WINDOWS\Temp\~TM1E.tmp
Drivers to delete:
yecicaa
Registry values to delete:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | sysgif32
Kliknij w " Execute" i zatwierdź restart komputera.
Zrestartuj komputer.
Daj Raport z Avengera z C:\avenger.txt.
I nowy log z OTL.
JESSI
chcac byc samodzielny podjąłem probe skasowania tego siszyd32. I chyba sie udalo, a te pliki co mam skasowac to wirusy czy smieci?
Użyj powyższego skryptu bez linijki:
Gdyż i tak tu jest rootkit, którego usunąć się nie da ręcznie.
Avenger
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at E:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "E:\WINDOWS\System32\fjhdyfhsn.bat" deleted successfully.
File "E:\Documents and Settings\LocalService\Dane aplikacji\fvgqad.dat" deleted successfully.
File "E:\WINDOWS\System32\drivers\yecicaa.sys" deleted successfully.
File "E:\Documents and Settings\NetworkService\Dane aplikacji\fvgqad.dat" deleted successfully.
File "E:\Documents and Settings\Paweł\Dane aplikacji\avdrn.dat" deleted successfully.
Error: file "E:\WINDOWS\Temp\~TM1E.tmp" not found!
Deletion of file "E:\WINDOWS\Temp\~TM1E.tmp" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Driver "yecicaa" deleted successfully.
Registry value "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|sysgif32" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
OTL logfile created on: 2009-12-26 18:12:06 - Run 2
OTL by OldTimer - Version 3.1.20.1 Folder = E:\Documents and Settings\Paweł\Pulpit
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
959,00 Mb Total Physical Memory | 409,00 Mb Available Physical Memory | 43,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): E:\pagefile.sys 1440 2880 [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive C: | 9,77 Gb Total Space | 0,08 Gb Free Space | 0,82% Space Free | Partition Type: NTFS
Drive D: | 9,32 Gb Total Space | 8,99 Gb Free Space | 96,54% Space Free | Partition Type: NTFS
Drive E: | 68,36 Gb Total Space | 32,66 Gb Free Space | 47,78% Space Free | Partition Type: NTFS
Drive F: | 70,91 Gb Total Space | 36,60 Gb Free Space | 51,61% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 243,73 Mb Total Space | 53,29 Mb Free Space | 21,86% Space Free | Partition Type: FAT
Computer Name: PAULIK
Current User Name: Paweł
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (All) ==========[/color]
PRC - [2009-12-26 15:29:40 | 00,513,536 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Paweł\Pulpit\OTL.exe
PRC - [2009-11-25 20:20:09 | 00,208,616 | ---- | M] (Kaspersky Lab) -- E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
PRC - [2009-08-06 19:24:06 | 00,053,472 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wuauclt.exe
PRC - [2009-08-05 02:12:14 | 01,098,752 | ---- | M] () -- E:\Program Files\VS Online\VSOnline.exe
PRC - [2009-04-09 18:20:40 | 00,066,872 | ---- | M] () -- E:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009-03-09 10:32:34 | 02,564,408 | ---- | M] (www.BitComet.com) -- E:\Program Files\BitComet\BitComet.exe
PRC - [2008-12-10 00:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- D:\xampp\apache\bin\httpd.exe
PRC - [2008-11-23 19:06:50 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2008-11-23 19:06:50 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008-11-18 16:31:04 | 21,633,320 | R--- | M] (Skype Technologies S.A.) -- E:\Program Files\Skype\Phone\Skype.exe
PRC - [2008-11-18 16:31:04 | 00,076,744 | R--- | M] (Skype Technologies) -- E:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2008-08-08 13:11:12 | 00,490,952 | ---- | M] (DT Soft Ltd) -- E:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008-06-27 21:28:26 | 00,471,040 | ---- | M] (Global Graphics Software Ltd.) -- E:\Program Files\Global Graphics\Jaws PDF Creator 5\PDFClient.exe
PRC - [2008-06-27 21:25:46 | 00,143,360 | ---- | M] (Global Graphics Software Ltd.) -- E:\WINDOWS\system32\PDFCreatorMessages.exe
PRC - [2008-03-20 11:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- E:\Program Files\Gadu-Gadu\gg.exe
PRC - [2008-03-14 22:48:44 | 02,580,480 | ---- | M] (OpenOffice.org) -- E:\Program Files\OpenOffice.org 2.4\program\soffice.bin
PRC - [2008-03-14 22:48:42 | 02,363,392 | ---- | M] (OpenOffice.org) -- E:\Program Files\OpenOffice.org 2.4\program\soffice.exe
PRC - [2007-10-09 00:55:10 | 00,057,856 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\spoolsv.exe
PRC - [2007-06-13 14:23:49 | 01,034,752 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\explorer.exe
PRC - [2006-10-31 14:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) -- E:\WINDOWS\system32\nvsvc32.exe
PRC - [2006-08-01 19:10:18 | 16,049,664 | ---- | M] (Realtek Semiconductor Corp.) -- E:\WINDOWS\RTHDCPL.exe
PRC - [2006-07-13 16:59:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006-07-13 16:59:32 | 00,065,599 | ---- | M] (NVIDIA Corporation) -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006-04-03 18:04:02 | 00,020,543 | ---- | M] (Apache Software Foundation) -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2004-08-04 03:44:30 | 00,504,832 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 03:44:30 | 00,218,112 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2004-08-04 03:44:30 | 00,126,464 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wbem\wmiapsrv.exe
PRC - [2004-08-04 03:44:28 | 00,108,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\services.exe
PRC - [2004-08-04 03:44:28 | 00,050,688 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 03:44:28 | 00,033,280 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\rundll32.exe
PRC - [2004-08-04 03:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 03:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 03:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 03:44:28 | 00,014,336 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 03:44:22 | 00,013,312 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 03:44:20 | 00,015,360 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 03:44:20 | 00,006,144 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\csrss.exe
PRC - [2004-08-04 03:44:18 | 00,044,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\alg.exe
PRC - [2003-09-14 21:08:14 | 02,928,700 | ---- | M] () -- E:\usr\mysql\bin\mysqld.exe
[color=#E56717]========== Modules (All) ==========[/color]
MOD - [2009-12-26 15:29:40 | 00,513,536 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Paweł\Pulpit\OTL.exe
MOD - [2008-12-21 00:48:54 | 01,163,264 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\urlmon.dll
MOD - [2008-12-21 00:48:48 | 06,068,736 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ieframe.dll
MOD - [2008-12-21 00:48:48 | 00,267,776 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\iertutil.dll
MOD - [2008-10-23 13:53:07 | 00,284,160 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 17:55:55 | 00,339,456 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\netapi32.dll
MOD - [2008-07-29 20:22:12 | 00,079,112 | ---- | M] (Kaspersky Lab) -- E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll
MOD - [2008-07-29 20:22:08 | 00,079,112 | ---- | M] (Kaspersky Lab) -- E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll
MOD - [2008-07-03 14:16:27 | 08,483,328 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\shell32.dll
MOD - [2008-06-20 18:37:41 | 00,147,968 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\dnsapi.dll
MOD - [2008-02-26 12:49:59 | 00,297,984 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\msctf.dll
MOD - [2007-12-04 19:31:00 | 00,551,936 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\oleaut32.dll
MOD - [2007-10-17 20:34:04 | 00,233,472 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ntshrui.dll
MOD - [2007-10-16 00:19:48 | 00,218,624 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\uxtheme.dll
MOD - [2007-10-09 01:00:18 | 01,014,784 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\kernel32.dll
MOD - [2007-10-09 00:59:47 | 00,343,040 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\msvcrt.dll
MOD - [2007-10-09 00:56:08 | 00,019,968 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\linkinfo.dll
MOD - [2007-10-09 00:55:42 | 01,285,632 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ole32.dll
MOD - [2007-10-09 00:55:34 | 00,498,688 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\clbcatq.dll
MOD - [2007-10-09 00:52:09 | 00,586,240 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\mlang.dll
MOD - [2007-07-13 23:54:58 | 00,498,688 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\shlwapi.dll
MOD - [2007-07-13 23:52:44 | 00,325,120 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\mstask.dll
MOD - [2007-07-10 14:06:54 | 00,642,560 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\user32.dll
MOD - [2007-07-09 14:20:23 | 00,582,656 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\rpcrt4.dll
MOD - [2007-05-11 10:51:24 | 01,271,296 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\setupapi.dll
MOD - [2006-08-25 11:51:14 | 01,054,208 | R--- | M] (Microsoft Corporation) -- E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004-08-04 03:44:32 | 00,146,432 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 03:44:16 | 00,172,544 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 03:44:16 | 00,082,944 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ws2_32.dll
MOD - [2004-08-04 03:44:16 | 00,019,968 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ws2help.dll
MOD - [2004-08-04 03:44:14 | 00,729,088 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 03:44:14 | 00,018,944 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\version.dll
MOD - [2004-08-04 03:44:12 | 00,067,584 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 03:44:10 | 00,064,000 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 03:44:10 | 00,055,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\secur32.dll
MOD - [2004-08-04 03:44:10 | 00,023,040 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 03:44:08 | 00,119,808 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 03:44:08 | 00,083,456 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 03:44:08 | 00,067,072 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ntdsapi.dll
MOD - [2004-08-04 03:44:04 | 00,059,904 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\mpr.dll
MOD - [2004-08-04 03:44:00 | 00,110,080 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 03:43:58 | 00,185,856 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 03:43:56 | 00,822,272 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\comres.dll
MOD - [2004-08-04 03:43:56 | 00,279,552 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\comdlg32.dll
MOD - [2004-08-04 03:43:54 | 00,126,976 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 03:43:54 | 00,058,880 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\atl.dll
MOD - [2004-08-04 03:43:52 | 00,686,080 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\advapi32.dll
MOD - [2004-08-04 03:43:48 | 00,716,288 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\ntdll.dll
MOD - [2004-08-04 03:42:58 | 00,177,152 | ---- | M] (Microsoft Corporation) -- E:\WINDOWS\system32\MSCTFIME.IME
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009-11-25 20:20:09 | 00,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe -- (AVP)
SRV - [2009-04-09 18:20:40 | 00,066,872 | ---- | M] () [Auto | Running] -- E:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008-12-10 00:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) [Auto | Running] -- D:\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2008-11-23 19:06:50 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- E:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2008-06-27 21:25:46 | 00,143,360 | ---- | M] (Global Graphics Software Ltd.) [Auto | Running] -- E:\WINDOWS\system32\PDFCreatorMessages.exe -- (PDFCreatorMessages)
SRV - [2006-10-31 14:35:00 | 00,155,715 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006-07-13 16:59:48 | 00,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006-07-13 16:59:32 | 00,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006-04-03 18:04:02 | 00,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2005-04-03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003-09-14 21:08:14 | 02,928,700 | ---- | M] () [Auto | Running] -- E:\usr/MYSQL/bin/mysqld.exe -- (MySql)
SRV - [2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2009-11-25 20:20:09 | 00,213,520 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- E:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2009-11-25 20:20:09 | 00,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- E:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2008-12-10 15:56:26 | 00,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008-11-24 22:02:11 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008-07-21 18:34:36 | 00,121,872 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- E:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008-04-30 18:06:48 | 00,024,592 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2008-01-18 15:16:28 | 00,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\a016obex.sys -- (a016obex)
DRV - [2008-01-18 15:16:26 | 00,110,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\a016mdm.sys -- (a016mdm)
DRV - [2008-01-18 15:16:26 | 00,104,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\a016mgmt.sys -- (a016mgmt) Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM)
DRV - [2008-01-18 15:16:24 | 00,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\a016mdfl.sys -- (a016mdfl)
DRV - [2008-01-18 15:16:22 | 00,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\a016bus.sys.bak -- (a016bus) Sony Ericsson Device A016 driver (WDM)
DRV - [2007-11-13 11:25:55 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007-10-17 19:23:27 | 00,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- E:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2007-10-17 19:22:42 | 00,096,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007-10-17 19:21:47 | 00,011,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007-10-16 00:19:55 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007-08-10 02:11:40 | 00,102,400 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- E:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2007-03-08 00:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- E:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006-10-31 14:35:00 | 03,964,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006-08-01 19:07:02 | 04,356,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-07-11 21:38:30 | 00,020,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006-07-11 21:38:28 | 00,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006-07-01 23:32:26 | 00,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- E:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004-10-25 19:02:58 | 00,021,664 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\Entech.sys -- (ENTECH)
DRV - [2004-08-04 00:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001-08-18 02:49:56 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-08-17 21:14:24 | 00,444,416 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- E:\WINDOWS\system32\drivers\fpcibase.sys -- (fpcibase)
DRV - [2001-08-17 21:13:48 | 00,037,568 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- E:\WINDOWS\system32\drivers\avmwan.sys -- (AVMWAN)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.1
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.07
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.1.6.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2009-12-18 16:07:35 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2009-12-17 21:19:39 | 00,000,000 | ---D | M]
[2008-11-23 19:04:36 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Extensions
[2009-12-23 20:56:25 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\extensions
[2009-04-01 13:51:27 | 00,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
[2008-11-28 00:55:18 | 00,000,000 | ---D | M] (BitComet Video Downloader) -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2008-11-23 19:11:25 | 00,000,000 | ---D | M] (Adblock Plus) -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009-04-17 22:14:35 | 00,000,000 | ---D | M] -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\extensions\firegestures@xuldev.org
[2008-11-24 22:45:05 | 00,000,523 | ---- | M] () -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\searchplugins\daemon-search.xml
[2009-04-01 14:00:04 | 00,001,184 | ---- | M] () -- E:\Documents and Settings\Paweł\Dane aplikacji\Mozilla\Firefox\Profiles\6x66tjni.default\searchplugins\winamp-search.xml
[2009-12-24 21:10:10 | 00,000,000 | ---D | M] -- E:\Program Files\Mozilla Firefox\extensions
[2008-11-11 08:38:54 | 00,663,552 | ---- | M] (BitComet) -- E:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009-07-24 22:12:42 | 00,002,767 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2008-11-28 12:07:55 | 00,001,406 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2008-11-28 12:07:55 | 00,000,917 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2008-11-28 12:07:55 | 00,000,858 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2008-11-28 12:07:55 | 00,001,183 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2008-11-28 12:07:55 | 00,001,683 | ---- | M] () -- E:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: (742 bytes) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [AVP] E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] E:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDFCreatorClient] E:\Program Files\Global Graphics\Jaws PDF Creator 5\PDFClient.exe (Global Graphics Software Ltd.)
O4 - HKLM..\Run: [RTHDCPL] E:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AQQ] C:\Program Files\WapSter\WapSter AQQ\AQQ.exe ()
O4 - HKCU..\Run: [BitComet] E:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu] E:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKCU..\Run: [Skype] E:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [VS Online] E:\Program Files\VS Online\VSOnline.exe ()
O4 - Startup: E:\Documents and Settings\Paweł\Menu Start\Programy\Autostart\OpenOffice.org 2.4.lnk = E:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - E:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - E:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Pobierz za pomocą BitComet - E:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - E:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll) - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - E:\WINDOWS\system32\klogon.dll - E:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-10-23 16:55:24 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]
O33 - MountPoints2\{951bfe19-29f3-11de-994b-000e2e3a00f5}\Shell - "" = AutoRun
O33 - MountPoints2\{951bfe19-29f3-11de-994b-000e2e3a00f5}\Shell\AutoRun\command - "" = I:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2009-12-26 18:08:34 | 00,000,000 | ---D | C] -- E:\Avenger
[2009-12-26 18:06:54 | 00,000,000 | RH-D | C] -- E:\Documents and Settings\Paweł\Recent
[2009-12-26 17:54:09 | 00,000,000 | ---D | C] -- E:\_OTL
[2009-12-26 17:41:13 | 00,513,536 | ---- | C] (OldTimer Tools) -- E:\Documents and Settings\Paweł\Pulpit\OTL.exe
[2009-12-26 14:46:43 | 00,000,000 | ---D | C] -- E:\Program Files\Trend Micro
[2009-12-26 14:39:44 | 00,000,000 | ---D | C] -- E:\Qoobox
[2009-12-26 14:39:44 | 00,000,000 | ---D | C] -- E:\WINDOWS\ERDNT
[2009-12-26 14:39:44 | 00,000,000 | ---D | C] -- E:\ComboFix
[2009-12-25 12:32:55 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Pulpit\Nowy folder (2)
[2009-12-24 23:31:41 | 00,000,000 | ---D | C] -- E:\Icons
[2009-12-24 23:05:51 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\WapSter
[2009-12-24 22:59:34 | 00,000,000 | ---D | C] -- E:\Program Files\WapSter
[2009-12-23 00:14:26 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Pulpit\mod_weather
[2009-12-22 23:34:48 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Pulpit\jumla
[2009-12-19 14:29:01 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Pulpit\phpMyAdmin-3.2.4-all-languages
[2009-12-19 11:36:16 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Ustawienia lokalne\Dane aplikacji\GHISLER
[2009-12-18 20:29:19 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Dane aplikacji\PlayFirst
[2009-12-18 20:29:19 | 00,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Dane aplikacji\PlayFirst
[2009-12-18 20:29:18 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Dane aplikacji\Thinstall
[2009-12-18 20:10:37 | 03,211,616 | ---- | C] (Ghisler Software GmbH) -- E:\Documents and Settings\Paweł\Pulpit\tcmd750a[wwww.instalki.pl].exe
[2009-12-13 13:59:19 | 00,000,000 | ---D | C] -- E:\Documents and Settings\Paweł\Pulpit\Hotel.Dash.Suite.Success.v1.0.0.136.Portable
[2009-12-11 19:36:31 | 00,000,000 | ---D | C] -- E:\dysk d
[2009-12-11 18:36:27 | 00,000,000 | -HSD | C] -- E:\WINDOWS\CSC
[2009-12-06 16:59:42 | 07,867,199 | ---- | C] ( ) -- E:\Documents and Settings\Paweł\Pulpit\b-Link 1.1 Setup.exe
[2008-11-22 20:19:21 | 00,000,000 | --SD | M] -- E:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-11-22 20:19:21 | 00,000,000 | --SD | M] -- E:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2008-11-22 20:19:21 | 00,000,000 | --SD | M] -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2008-11-22 20:19:21 | 00,000,000 | --SD | M] -- E:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2009-12-26 18:09:09 | 00,210,649 | ---- | M] () -- E:\WINDOWS\System32\nvapps.xml
[2009-12-26 18:08:58 | 00,000,006 | -H-- | M] () -- E:\WINDOWS\tasks\SA.DAT
[2009-12-26 18:08:57 | 00,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2009-12-26 18:08:05 | 06,816,800 | -HS- | M] () -- E:\WINDOWS\System32\drivers\fidbox.dat
[2009-12-26 18:08:05 | 00,614,432 | -HS- | M] () -- E:\WINDOWS\System32\drivers\fidbox2.dat
[2009-12-26 18:08:05 | 00,057,480 | -HS- | M] () -- E:\WINDOWS\System32\drivers\fidbox.idx
[2009-12-26 18:08:05 | 00,006,324 | -HS- | M] () -- E:\WINDOWS\System32\drivers\fidbox2.idx
[2009-12-26 18:07:01 | 05,242,880 | -H-- | M] () -- E:\Documents and Settings\Paweł\NTUSER.DAT
[2009-12-26 18:07:01 | 00,000,188 | -HS- | M] () -- E:\Documents and Settings\Paweł\ntuser.ini
[2009-12-26 15:29:40 | 00,513,536 | ---- | M] (OldTimer Tools) -- E:\Documents and Settings\Paweł\Pulpit\OTL.exe
[2009-12-26 14:58:09 | 02,950,867 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\masters & matrix - tarzan 2008 (tarzan boy cover)[by jedras888][www.disco-polo.mp3
[2009-12-26 14:47:19 | 03,438,625 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\dj matrix - la tipica ragazza italiana.mp3
[2009-12-26 14:46:44 | 00,001,743 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\HijackThis.lnk
[2009-12-26 14:43:45 | 03,634,617 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\dj matrix-la vita a volte e strana (put version).mp3
[2009-12-26 03:17:30 | 03,477,077 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\modern talking - win the race.mp3
[2009-12-26 02:21:11 | 03,907,114 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\03 - dj matrix - la vita a volte e strana (beach mix).mp3
[2009-12-24 22:45:44 | 04,975,880 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\manian & dan winter - black toys vol 1.mp3
[2009-12-24 14:19:49 | 09,848,768 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\AQQ_FN_21050.exe
[2009-12-24 12:37:46 | 02,834,771 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\coldplay - viva la vida (dance remix)(2).mp3
[2009-12-24 12:33:29 | 00,820,838 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\coldplay - viva la vida (dance remix).mp3
[2009-12-24 12:21:54 | 03,911,756 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\coldplay - viva la vida.mp3
[2009-12-23 23:32:02 | 03,862,019 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\drossel - mariolka 2008.mp3
[2009-12-23 21:56:07 | 00,046,813 | ---- | M] () -- E:\Documents and Settings\Paweł\Moje dokumenty\mns.JPG
[2009-12-23 00:15:18 | 04,233,744 | -H-- | M] () -- E:\Documents and Settings\Paweł\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-23 00:14:07 | 00,003,510 | ---- | M] () -- E:\WINDOWS\WINCMD.INI
[2009-12-22 23:59:22 | 04,282,486 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\time - impreza 2008.mp3
[2009-12-22 23:51:17 | 00,000,273 | ---- | M] () -- E:\WINDOWS\wcx_ftp.ini
[2009-12-22 21:55:09 | 03,757,110 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\nena - 99 luftballoons.mp3
[2009-12-22 21:07:17 | 00,619,056 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\com_xeslidegallm_pl.zip
[2009-12-22 21:06:21 | 00,009,881 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\mod_marketplace5_111_pl(2).zip
[2009-12-22 21:06:01 | 00,075,035 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\com_marketplace_12_pl(2).zip
[2009-12-22 21:05:05 | 00,403,535 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\com_ezine_21_lite.zip
[2009-12-22 21:04:40 | 00,075,035 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\com_marketplace_12_pl.zip
[2009-12-22 21:04:39 | 00,009,881 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\mod_marketplace5_111_pl.zip
[2009-12-22 21:01:32 | 00,347,462 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\com_musixbox1.0.3-pl.zip
[2009-12-22 20:59:39 | 00,192,999 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\com_marketplace_131-utf8.zip
[2009-12-22 14:07:56 | 00,009,651 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\cennik.ods
[2009-12-21 20:25:44 | 03,442,387 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\ruska - dawaj, dawaj! (cala)001e40ae%11.mp3
[2009-12-21 17:06:57 | 03,577,775 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\natali - veter s morya dul (club remix).mp3
[2009-12-21 16:23:45 | 02,462,991 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\Cover - 6 NA 9 [www.DiscoStrefa.info].mp3
[2009-12-21 12:56:53 | 03,271,442 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\natali - ya lublu tebya (plikus.pl).mp3
[2009-12-19 20:07:56 | 06,874,412 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\jumla.zip
[2009-12-19 15:09:04 | 00,000,291 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\XAMPP Control Panel.lnk
[2009-12-19 11:35:56 | 00,040,972 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\mod_superfishmenu.rar
[2009-12-18 20:28:04 | 01,610,240 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\photoslide_2_pack.zip
[2009-12-18 20:10:48 | 03,211,616 | ---- | M] (Ghisler Software GmbH) -- E:\Documents and Settings\Paweł\Pulpit\tcmd750a[wwww.instalki.pl].exe
[2009-12-18 19:49:04 | 00,162,858 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\pl-PL.joomla1515-admin-site.zip
[2009-12-18 17:08:49 | 49,405,864 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\rails_blog_2.mov
[2009-12-18 14:09:48 | 03,480,840 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\standard - ola, ola.mp3
[2009-12-17 22:19:27 | 03,492,961 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\two boys - jestes dla mnie aniolerzuta.pl%0E9.mp3
[2009-12-17 14:17:35 | 02,239,875 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\radio chlew - rolnicze disko.mp3
[2009-12-16 01:28:49 | 03,763,797 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\_ _ _drossel - moglbym z toba robic aj ja jaj 2009_ %19.mp3
[2009-12-16 01:08:57 | 04,032,128 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\boys - dobrze wiem.mp3
[2009-12-16 00:58:13 | 02,521,623 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\_ _ _two boys - szalowa lala 2009_ _ _.pl_po!.mp3
[2009-12-14 21:32:29 | 00,014,569 | ---- | M] () -- E:\Documents and Settings\Paweł\Moje dokumenty\jkb.JPG
[2009-12-14 19:20:56 | 04,348,104 | ---- | M] () -- E:\Documents and Settings\Paweł\Moje dokumenty\easytech - i'm the sexy girl (cherry coke remix).mp3
[2009-12-13 15:16:18 | 03,766,724 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\cool - kim dla mnie jestes _nowosc 2009 fuleption.mp3
[2009-12-13 14:15:11 | 03,911,294 | ---- | M] () -- E:\Documents and Settings\Paweł\Moje dokumenty\morandi - colours (radio edit).mp3
[2009-12-13 13:58:49 | 35,297,010 | ---- | M] () -- E:\Documents and Settings\Paweł\Moje dokumenty\Hotel.Dash.rar
[2009-12-13 13:34:07 | 08,144,896 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\El Simbolo - La Fiesta Loca (Extended Loco Mix) [4clubbers.pl].mp3
[2009-12-12 21:21:31 | 03,012,099 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\k-tronic - jump around 2009 (original bootleg mix - prima promo).mp3
[2009-12-12 21:11:04 | 04,993,390 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\laurent wolf - columbia.mp3
[2009-12-12 19:48:46 | 03,785,532 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\skalar - powiedz powiedz.mp3
[2009-12-12 13:45:04 | 04,403,276 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\player & remady - sexy game over (spens vocal mix).mp3
[2009-12-11 16:07:17 | 01,152,714 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\pit bull - bojangles.mp3
[2009-12-11 13:45:20 | 04,046,339 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\easy tech - i'm the sexy girl (digital mode remix).mp3
[2009-12-11 13:41:06 | 04,385,722 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\dj mast ft laurent wolf - no stress (xclusive remix).mp3
[2009-12-08 15:21:23 | 03,572,791 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\daddy dj - daddy dj.mp3
[2009-12-08 15:15:23 | 05,124,256 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\david guetta feat akon - sexy bitch & day n nite (getdown remix) .mp3
[2009-12-07 14:44:55 | 05,374,195 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\dj tektronic_braincreator - we are all to blame (tektronic re-make)(2).mp3
[2009-12-06 17:00:41 | 07,867,199 | ---- | M] ( ) -- E:\Documents and Settings\Paweł\Pulpit\b-Link 1.1 Setup.exe
[2009-12-03 12:48:00 | 00,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2009-12-02 14:18:31 | 03,543,084 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\bass-t-no-jestes szalona 2007laylist%11.mp3
[2009-12-01 19:43:52 | 03,882,080 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\boys - jestes szalona (dj szum3k electro remix 2009).mp3
[2009-12-01 13:54:27 | 04,589,686 | ---- | M] () -- E:\Documents and Settings\Paweł\Pulpit\lady gaga-bad romance.mp3
[2009-11-30 15:38:53 | 00,026,112 | ---- | M] () -- E:\Documents and Settings\Paweł\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-28 23:18:00 | 00,002,259 | ---- | M] () -- E:\Documents and Settings\All Users\Pulpit\Skype.lnk
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2009-12-26 14:46:44 | 00,001,743 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\HijackThis.lnk
[2009-12-26 02:50:00 | 03,438,625 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\dj matrix - la tipica ragazza italiana.mp3
[2009-12-26 02:44:12 | 03,477,077 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\modern talking - win the race.mp3
[2009-12-26 02:20:55 | 03,907,114 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\03 - dj matrix - la vita a volte e strana (beach mix).mp3
[2009-12-26 02:20:11 | 02,950,867 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\masters & matrix - tarzan 2008 (tarzan boy cover)[by jedras888][www.disco-polo.mp3
[2009-12-26 02:16:31 | 03,634,617 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\dj matrix-la vita a volte e strana (put version).mp3
[2009-12-24 22:22:16 | 04,975,880 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\manian & dan winter - black toys vol 1.mp3
[2009-12-24 14:06:41 | 09,848,768 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\AQQ_FN_21050.exe
[2009-12-24 12:25:27 | 02,834,771 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\coldplay - viva la vida (dance remix)(2).mp3
[2009-12-24 12:16:34 | 00,820,838 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\coldplay - viva la vida (dance remix).mp3
[2009-12-24 12:09:44 | 03,911,756 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\coldplay - viva la vida.mp3
[2009-12-23 21:56:00 | 00,046,813 | ---- | C] () -- E:\Documents and Settings\Paweł\Moje dokumenty\mns.JPG
[2009-12-23 21:03:06 | 03,862,019 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\drossel - mariolka 2008.mp3
[2009-12-22 21:06:15 | 00,619,056 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\com_xeslidegallm_pl.zip
[2009-12-22 21:05:51 | 00,009,881 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\mod_marketplace5_111_pl(2).zip
[2009-12-22 21:05:34 | 00,075,035 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\com_marketplace_12_pl(2).zip
[2009-12-22 21:04:36 | 00,403,535 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\com_ezine_21_lite.zip
[2009-12-22 21:04:24 | 00,075,035 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\com_marketplace_12_pl.zip
[2009-12-22 21:04:22 | 00,009,881 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\mod_marketplace5_111_pl.zip
[2009-12-22 21:01:01 | 00,347,462 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\com_musixbox1.0.3-pl.zip
[2009-12-22 20:59:19 | 00,192,999 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\com_marketplace_131-utf8.zip
[2009-12-22 10:58:49 | 00,009,651 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\cennik.ods
[2009-12-21 12:21:24 | 03,577,775 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\natali - veter s morya dul (club remix).mp3
[2009-12-21 12:20:00 | 04,282,486 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\time - impreza 2008.mp3
[2009-12-21 12:05:06 | 02,462,991 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\Cover - 6 NA 9 [www.DiscoStrefa.info].mp3
[2009-12-21 12:02:37 | 03,271,442 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\natali - ya lublu tebya (plikus.pl).mp3
[2009-12-21 11:55:08 | 03,442,387 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\ruska - dawaj, dawaj! (cala)001e40ae%11.mp3
[2009-12-19 20:06:21 | 06,874,412 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\jumla.zip
[2009-12-19 15:09:04 | 00,000,291 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\XAMPP Control Panel.lnk
[2009-12-19 11:35:55 | 00,040,972 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\mod_superfishmenu.rar
[2009-12-18 20:28:03 | 01,610,240 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\photoslide_2_pack.zip
[2009-12-18 20:13:54 | 00,000,273 | ---- | C] () -- E:\WINDOWS\wcx_ftp.ini
[2009-12-18 20:11:41 | 00,003,510 | ---- | C] () -- E:\WINDOWS\WINCMD.INI
[2009-12-18 19:49:04 | 00,162,858 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\pl-PL.joomla1515-admin-site.zip
[2009-12-18 16:49:26 | 49,405,864 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\rails_blog_2.mov
[2009-12-17 21:56:33 | 03,480,840 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\standard - ola, ola.mp3
[2009-12-17 21:53:50 | 03,492,961 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\two boys - jestes dla mnie aniolerzuta.pl%0E9.mp3
[2009-12-17 14:17:31 | 02,239,875 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\radio chlew - rolnicze disko.mp3
[2009-12-16 00:51:13 | 03,763,797 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\_ _ _drossel - moglbym z toba robic aj ja jaj 2009_ %19.mp3
[2009-12-16 00:48:27 | 04,032,128 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\boys - dobrze wiem.mp3
[2009-12-16 00:45:33 | 02,521,623 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\_ _ _two boys - szalowa lala 2009_ _ _.pl_po!.mp3
[2009-12-14 21:32:29 | 00,014,569 | ---- | C] () -- E:\Documents and Settings\Paweł\Moje dokumenty\jkb.JPG
[2009-12-13 14:24:54 | 03,766,724 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\cool - kim dla mnie jestes _nowosc 2009 fuleption.mp3
[2009-12-13 14:14:57 | 03,911,294 | ---- | C] () -- E:\Documents and Settings\Paweł\Moje dokumenty\morandi - colours (radio edit).mp3
[2009-12-13 14:14:51 | 04,348,104 | ---- | C] () -- E:\Documents and Settings\Paweł\Moje dokumenty\easytech - i'm the sexy girl (cherry coke remix).mp3
[2009-12-13 13:56:40 | 35,297,010 | ---- | C] () -- E:\Documents and Settings\Paweł\Moje dokumenty\Hotel.Dash.rar
[2009-12-13 13:18:44 | 08,144,896 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\El Simbolo - La Fiesta Loca (Extended Loco Mix) [4clubbers.pl].mp3
[2009-12-12 21:14:42 | 03,012,099 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\k-tronic - jump around 2009 (original bootleg mix - prima promo).mp3
[2009-12-12 21:11:00 | 04,993,390 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\laurent wolf - columbia.mp3
[2009-12-12 18:56:22 | 03,785,532 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\skalar - powiedz powiedz.mp3
[2009-12-12 10:43:13 | 04,403,276 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\player & remady - sexy game over (spens vocal mix).mp3
[2009-12-11 11:58:59 | 01,152,714 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\pit bull - bojangles.mp3
[2009-12-11 11:47:13 | 04,385,722 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\dj mast ft laurent wolf - no stress (xclusive remix).mp3
[2009-12-11 11:45:17 | 04,046,339 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\easy tech - i'm the sexy girl (digital mode remix).mp3
[2009-12-07 14:44:44 | 05,374,195 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\dj tektronic_braincreator - we are all to blame (tektronic re-make)(2).mp3
[2009-12-04 15:46:15 | 05,124,256 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\david guetta feat akon - sexy bitch & day n nite (getdown remix) .mp3
[2009-12-01 19:35:23 | 03,543,084 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\bass-t-no-jestes szalona 2007laylist%11.mp3
[2009-12-01 19:25:06 | 03,882,080 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\boys - jestes szalona (dj szum3k electro remix 2009).mp3
[2009-12-01 13:23:54 | 03,572,791 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\daddy dj - daddy dj.mp3
[2009-11-30 20:59:00 | 04,589,686 | ---- | C] () -- E:\Documents and Settings\Paweł\Pulpit\lady gaga-bad romance.mp3
[2009-11-28 23:03:55 | 00,002,259 | ---- | C] () -- E:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2009-09-09 17:55:20 | 00,466,944 | ---- | C] () -- E:\WINDOWS\System32\EventConsumer.dll
[2009-09-09 17:55:20 | 00,282,624 | ---- | C] () -- E:\WINDOWS\System32\niknakXML.dll
[2009-09-09 17:55:20 | 00,135,168 | ---- | C] () -- E:\WINDOWS\System32\expat.dll
[2009-09-09 17:55:07 | 00,028,672 | ---- | C] () -- E:\WINDOWS\System32\JawsMacroUtils.dll
[2009-08-30 21:46:53 | 00,322,048 | ---- | C] () -- E:\WINDOWS\System32\Easylase.dll
[2009-08-30 21:46:53 | 00,301,056 | ---- | C] () -- E:\WINDOWS\System32\usbdmxfs.dll
[2009-08-30 21:46:53 | 00,262,144 | ---- | C] () -- E:\WINDOWS\System32\dashard2006.dll
[2009-08-30 21:46:53 | 00,110,592 | ---- | C] () -- E:\WINDOWS\System32\usb_dll.dll
[2009-08-30 21:46:53 | 00,110,592 | ---- | C] () -- E:\WINDOWS\System32\dashard.dll
[2009-08-30 21:46:53 | 00,084,992 | ---- | C] () -- E:\WINDOWS\System32\DMX510Vb.dll
[2009-08-30 21:46:53 | 00,077,824 | ---- | C] () -- E:\WINDOWS\System32\dashardvb.dll
[2009-08-30 21:46:53 | 00,049,152 | ---- | C] () -- E:\WINDOWS\System32\EspionDll.dll
[2009-08-30 21:46:53 | 00,044,544 | ---- | C] () -- E:\WINDOWS\System32\dmx60.dll
[2009-08-30 21:46:53 | 00,044,544 | ---- | C] () -- E:\WINDOWS\System32\dmx120.dll
[2009-08-30 21:46:53 | 00,042,496 | ---- | C] () -- E:\WINDOWS\System32\K8062D.dll
[2009-08-30 21:46:53 | 00,037,888 | ---- | C] () -- E:\WINDOWS\System32\LPT_dmx.dll
[2009-08-30 21:46:53 | 00,032,768 | ---- | C] () -- E:\WINDOWS\System32\MPUSBAPI.DLL
[2009-08-30 21:46:53 | 00,017,920 | ---- | C] () -- E:\WINDOWS\System32\usbdmxsi.dll
[2009-08-30 21:46:53 | 00,016,384 | ---- | C] () -- E:\WINDOWS\System32\FASTTime32.dll
[2009-08-30 21:46:53 | 00,003,584 | ---- | C] () -- E:\WINDOWS\System32\drivers\dlportio.sys
[2009-08-30 21:46:52 | 00,032,768 | ---- | C] () -- E:\WINDOWS\System32\inpout32.dll
[2009-08-16 11:13:11 | 00,000,994 | ---- | C] () -- E:\WINDOWS\psmplay.ini
[2009-04-15 23:59:58 | 00,043,520 | ---- | C] () -- E:\WINDOWS\System32\CmdLineExt03.dll
[2009-04-12 00:05:18 | 00,002,272 | ---- | C] () -- E:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2009-04-09 18:20:55 | 00,138,512 | ---- | C] () -- E:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009-04-04 13:03:52 | 00,003,972 | ---- | C] () -- E:\WINDOWS\System32\drivers\PciBus.sys
[2009-04-02 15:13:24 | 00,000,030 | ---- | C] () -- E:\WINDOWS\TextSpy.ini
[2009-03-26 17:11:52 | 01,724,416 | ---- | C] () -- E:\WINDOWS\System32\nvwdmcpl.dll
[2009-03-26 17:11:52 | 01,101,824 | ---- | C] () -- E:\WINDOWS\System32\nvwimg.dll
[2009-03-26 17:11:51 | 00,466,944 | ---- | C] () -- E:\WINDOWS\System32\nvshell.dll
[2009-03-26 17:11:50 | 00,286,720 | ---- | C] () -- E:\WINDOWS\System32\nvnt4cpl.dll
[2009-03-26 17:11:49 | 01,503,232 | ---- | C] () -- E:\WINDOWS\System32\nview.dll
[2009-03-26 17:11:49 | 00,581,632 | ---- | C] () -- E:\WINDOWS\System32\nvhwvid.dll
[2008-12-01 23:30:13 | 00,000,132 | ---- | C] () -- E:\WINDOWS\winamp.ini
[2008-11-28 22:51:18 | 00,000,234 | ---- | C] () -- E:\WINDOWS\Fakturka.ini
[2008-11-24 22:02:11 | 00,717,296 | ---- | C] () -- E:\WINDOWS\System32\drivers\sptd.sys
[2008-11-23 19:27:21 | 00,164,352 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2008-11-23 19:27:21 | 00,000,038 | ---- | C] () -- E:\WINDOWS\avisplitter.ini
[2008-11-23 19:27:19 | 03,596,288 | ---- | C] () -- E:\WINDOWS\System32\qt-dx331.dll
[2008-11-23 19:27:18 | 00,007,680 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2008-11-23 19:27:18 | 00,000,547 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll.manifest
[2008-11-23 19:24:02 | 00,026,112 | ---- | C] () -- E:\Documents and Settings\Paweł\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-11-23 19:22:55 | 00,237,568 | ---- | C] () -- E:\WINDOWS\System32\OggDS.dll
[2008-11-23 19:22:53 | 00,921,600 | ---- | C] () -- E:\WINDOWS\System32\vorbisenc.dll
[2008-11-23 19:22:47 | 00,188,416 | ---- | C] () -- E:\WINDOWS\System32\vorbis.dll
[2008-11-23 19:22:45 | 00,045,056 | ---- | C] () -- E:\WINDOWS\System32\ogg.dll
[2008-11-23 19:22:37 | 00,009,216 | ---- | C] () -- E:\WINDOWS\System32\cpuinf32.dll
[2008-11-23 19:22:36 | 00,755,027 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2008-11-23 19:22:32 | 00,159,839 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2008-11-23 17:06:02 | 00,196,608 | ---- | C] () -- E:\WINDOWS\System32\nvapi.dll
[2008-11-22 20:58:04 | 00,143,360 | ---- | C] () -- E:\WINDOWS\System32\RtlCPAPI.dll
[2008-10-22 04:29:06 | 00,173,550 | ---- | C] () -- E:\WINDOWS\System32\xlive.dll.cat
[2008-10-07 08:13:30 | 00,197,912 | ---- | C] () -- E:\WINDOWS\System32\physxcudart_20.dll
[2008-10-07 08:13:22 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSwedish.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSpanish.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelPortugese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelKorean.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelJapanese.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelGerman.dll
[2008-10-07 08:13:20 | 00,058,648 | ---- | C] () -- E:\WINDOWS\System32\AgCPanelFrench.dll
[2007-10-09 01:00:18 | 00,006,656 | ---- | C] () -- E:\WINDOWS\System32\lpcio.dll
[2004-09-24 00:31:08 | 00,233,472 | ---- | C] () -- E:\WINDOWS\System32\libmySQL.dll
[2004-07-29 18:08:30 | 00,024,633 | ---- | C] () -- E:\WINDOWS\php.ini
[2002-06-25 08:28:18 | 00,000,455 | ---- | C] () -- E:\WINDOWS\my.ini
< End of report >
i przy okazji mam pytanie. Co to jest w otl clean up. I co znaczy [emptytemp]
Jest czysto.
Uruchom OTL i w oknie Custom Scans/Fixes wklej to:
Kliknij w Run Fix. Zatwierdź restart komputera.
Dałam to usuwanie tylko po to, by opróżnić foldery TEMP (czyli komenda "emptytemp)
W OTL kliknij na przycisk “CleanUp” - to go usunie razem z jego Kwarantanną, razem z Avengerem i razem z ComboFixem.
Usuń kopie szkodników z folderu “System Volume Information” poprzez chwilowe wyłączenie “Przywracania Systemu”:
jessi