Hello everyone, this is about the exe.csrr file: my desktop takes a long time to load and then this message pops up. I searched on Google but didn't find out anything. Don't copy answers from other sites for me, because there is no good answer, and one guy has already written me exactly the same thing that was on another site about this problem, but it seems to come out of nowhere because there is no such folder as messenger. Please show what you know; this problem affects most users. Don't skip this thread, because it is really very serious.
Please change the topic title to something specific: use the EDIT option and correct it. JNJN
I found this file in the system 32 folder, but it just says csrr there, with no icon, as if it weren't there at all. Should I delete it? But in safe mode? How do I start safe mode? Thanks in advance.
mateusz0739,
I'll put this so as not to offend anyone. First of all, the guy you mention above doesn't really know what he is writing about, and that is why he won't reply to you. I mean that other thread. In any case, most of his posts belong in the bin. That is what happens when people who have no idea about computers and removing infections start commenting on the subject. Unfortunately, I regret to say that on this forum it is becoming an everyday occurrence.
Well, that file, in that location, is a system file, so if you delete it you will only hurt yourself.
With all due respect, since you can't remove the infection yourself and are asking for help, start following other users' recommendations. You are probably one of the few people who doesn't want to post an OTL log. OTL doesn't remove anything; it only performs a scan, and what is to be removed will be given to you on the forum in the form of a script. Since you don't want to post the log, maybe you have something to hide? On the other hand, if this free form of help doesn't suit you, take the computer to a computer repair shop, pay, and that's that.
Here are the logs:
http://wklej.org/id/523820/ or they are given here below:
OTL logfile created on: 2011-05-04 17:57:42 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 77,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 239,16 Gb Total Space | 185,13 Gb Free Space | 77,41% Space Free | Partition Type: NTFS
Drive F: | 226,60 Gb Total Space | 192,44 Gb Free Space | 84,92% Space Free | Partition Type: NTFS
Computer Name: MATEUSZ-F482FE7 | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-05-04 17:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2011-04-29 22:43:54 | 000,912,344 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-02-23 19:34:20 | 003,451,496 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-02-23 19:34:19 | 000,042,184 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010-12-16 09:49:28 | 012,984,928 | ---- | M] (GG Network S.A.) – C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2010-04-28 22:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) – C:\Program Files\Free Download Manager\fdm.exe
PRC - [2009-07-17 00:03:00 | 001,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () – C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008-07-10 08:23:26 | 002,049,320 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
PRC - [2008-07-10 08:23:26 | 000,053,032 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
PRC - [2008-07-10 08:23:16 | 001,442,088 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
PRC - [2008-07-10 08:23:04 | 001,083,176 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\InCD.exe
========== Modules (SafeList) ==========
MOD - [2011-05-04 17:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2011-02-23 19:34:17 | 000,197,208 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010-08-23 20:42:53 | 001,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] – -- (gusvc)
SRV - [2011-02-23 19:34:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
SRV - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () [Auto | Running] – C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE – (ES lite Service)
SRV - [2008-07-10 08:23:26 | 000,053,032 | ---- | M] (Nero AG) [Auto | Running] – C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe – (NeroRegInCDSrv)
SRV - [2008-07-10 08:23:16 | 001,442,088 | ---- | M] (Nero AG) [Auto | Running] – C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe – (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - [2011-05-04 17:26:14 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\gdrv.sys – (gdrv)
DRV - [2011-03-24 10:57:54 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\epmntdrv.sys – (epmntdrv)
DRV - [2011-03-24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\EuGdiDrv.sys – (EuGdiDrv)
DRV - [2011-02-24 12:24:42 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\atksgt.sys – (atksgt)
DRV - [2011-02-24 12:24:42 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\lirsgt.sys – (lirsgt)
DRV - [2011-02-23 22:01:13 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2011-02-23 19:26:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] – C:\WINDOWS\System32\drivers\aswSnx.sys – (aswSnx)
DRV - [2011-02-23 19:26:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aswSP.sys – (aswSP)
DRV - [2011-02-23 19:25:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aswTdi.sys – (aswTdi)
DRV - [2011-02-23 19:25:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\WINDOWS\System32\drivers\aswmon2.sys – (aswMon2)
DRV - [2011-02-23 19:25:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aswRdr.sys – (aswRdr)
DRV - [2011-02-23 19:24:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aavmker4.sys – (Aavmker4)
DRV - [2011-02-23 19:24:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\WINDOWS\System32\drivers\aswFsBlk.sys – (aswFsBlk)
DRV - [2009-07-17 00:03:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\Si3132r5.sys – (Si3132r5)
DRV - [2009-07-17 00:03:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\Si3531.sys – (Si3531)
DRV - [2009-07-17 00:03:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] – C:\WINDOWS\System32\drivers\Si3114r5.sys – (Si3114r5)
DRV - [2009-07-17 00:03:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\si3132.sys – (Si3132)
DRV - [2009-07-17 00:03:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\si3124.sys – (Si3124)
DRV - [2009-07-17 00:03:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\si3112.sys – (Si3112)
DRV - [2009-07-17 00:03:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\WINDOWS\system32\DRIVERS\amdide.sys – (amdide)
DRV - [2009-01-20 15:23:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-12-25 14:02:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\RtKHDMI.sys – (RTHDMIAzAudService)
DRV - [2008-10-30 17:44:20 | 000,117,888 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp)
DRV - [2008-09-11 07:38:10 | 003,331,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)
DRV - [2008-07-10 08:23:14 | 000,040,488 | ---- | M] (Nero AG) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\InCDRm.sys – (incdrm)
DRV - [2008-07-10 08:23:14 | 000,038,952 | ---- | M] (Nero AG) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\InCDPass.sys – (InCDPass)
DRV - [2008-07-10 08:23:04 | 000,128,424 | ---- | M] (Nero AG) [File_System | Disabled | Running] – C:\WINDOWS\system32\drivers\InCDfs.sys – (InCDfs)
DRV - [2008-07-03 00:08:14 | 000,089,600 | R— | M] (ATI Research Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\AtiHdmi.sys – (AtiHdmiService)
DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\AmdPPM.sys – (AmdPPM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-1123561945-630328440-682003330-1003…\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.startup.homepage: “http://google.pl”
FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js…extensions.enabledItems: player@online.fm:0.2.7
FF - prefs.js…extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js…extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js…extensions.enabledItems: wrc@avast.com:20110101
FF - HKLM\software\mozilla\Firefox\extensions\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-01 19:35:39 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\Components: C:\Program Files\Mozilla Firefox\components [2011-04-29 22:43:57 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-30 08:36:22 | 000,000,000 | —D | M]
[2011-02-23 23:08:19 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions
[2011-05-04 15:30:13 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions
[2011-03-05 17:48:45 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-04-07 20:38:56 | 000,000,000 | —D | M] (Adblock Plus) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011-04-29 20:05:53 | 000,000,000 | —D | M] (Radio Online.FM) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions\player@online.fm
[2011-05-04 15:30:13 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions
[2011-02-23 20:26:15 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-04-01 19:35:39 | 000,000,000 | —D | M] (avast! WebRep) – C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-02-26 08:20:47 | 000,000,000 | —D | M] (Free Download Manager plugin) – C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2011-02-23 20:26:11 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-07-17 13:10:12 | 000,704,512 | ---- | M] (BitComet) – C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011-02-23 20:26:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011-03-07 19:25:11 | 000,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-03-07 19:25:11 | 000,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-03-07 19:25:11 | 000,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-03-07 19:25:11 | 000,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-03-07 19:25:11 | 000,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-03-07 19:25:11 | 000,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2009-07-17 00:03:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKLM…\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM…\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM…\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM…\Run: [inCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM…\Run: [securDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
O4 - HKLM…\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O9 - Extra ‘Tools’ menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.193.227.124 173.192.105.217
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (“C:\Documents and Settings\Mateusz\Dane aplikacji\hjnvoqiqbbmgalrr2mruuy3whrqbavw2\csrss.exe”) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-02-23 19:50:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O32 - AutoRun File - [2009-06-11 02:12:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat – [NTFS]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM…comfile [open] – “%1” %*
O35 - HKLM…exefile [open] – “%1” %*
O37 - HKLM…com [@ = comfile] – “%1” %*
O37 - HKLM…exe [@ = exefile] – “%1” %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
========== Files/Folders - Created Within 30 Days ==========
[2011-04-30 22:22:46 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Jodix
[2011-04-30 22:22:45 | 000,000,000 | —D | C] – C:\Program Files\Free WMA to MP3 Converter
[2011-04-30 22:19:44 | 000,000,000 | R–D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\Moje wideo
[2011-04-30 16:06:40 | 000,000,000 | —D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\pendrive
[2011-04-28 17:02:24 | 000,000,000 | —D | C] – C:\Program Files\Electronic Arts
[2011-04-28 17:01:40 | 000,000,000 | —D | C] – C:\Program Files\NVIDIA Corporation
[2011-04-25 18:58:03 | 000,000,000 | —D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcia
[2011-04-22 11:39:23 | 000,000,000 | —D | C] – C:\MUZA
[2011-04-14 16:07:57 | 000,000,000 | -HSD | C] – C:\Boot
[2011-04-14 15:16:00 | 000,000,000 | -HSD | C] – C:\$RECYCLE.BIN
[2011-04-13 19:12:46 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\EASEUS Partition Master 8.0.1 Home Edition
[2011-04-13 19:12:42 | 000,000,000 | —D | C] – C:\Program Files\EASEUS
[2011-04-06 18:11:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Solidshield
[2011-04-06 16:06:31 | 000,000,000 | —D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\zeszyt i ściągi
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2011-05-04 17:26:14 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) – C:\WINDOWS\gdrv.sys
[2011-05-04 17:25:55 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2011-05-04 17:25:53 | 000,054,376 | ---- | M] () – C:\WINDOWS\System32\ativvaxx.cap
[2011-05-04 16:10:13 | 000,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2011-04-30 22:18:16 | 000,000,064 | ---- | M] () – C:\Documents and Settings\Mateusz\Dane aplikacji\default.pls
[2011-04-30 13:59:59 | 313,423,872 | ---- | M] () – C:\Documents and Settings\Mateusz\Moje dokumenty\Wondows Mx v.4 finall.iso
[2011-04-27 15:26:40 | 000,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2011-04-14 16:07:59 | 000,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
[2011-04-14 16:07:58 | 000,000,367 | RHS- | M] () – C:\boot.ini
[2011-04-14 12:09:58 | 000,150,792 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2011-04-14 12:00:00 | 000,001,374 | ---- | M] () – C:\WINDOWS\imsins.BAK
[2011-04-14 11:59:11 | 000,490,284 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2011-04-14 11:59:11 | 000,432,356 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2011-04-14 11:59:11 | 000,083,660 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2011-04-14 11:59:11 | 000,067,312 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2011-04-13 19:37:43 | 000,000,903 | -H-- | M] () – C:\WINDOWS\EPMBatch.ept
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->]
========== Files Created - No Company Name ==========
[2011-04-30 22:18:16 | 000,000,064 | ---- | C] () – C:\Documents and Settings\Mateusz\Dane aplikacji\default.pls
[2011-04-30 13:18:02 | 313,423,872 | ---- | C] () – C:\Documents and Settings\Mateusz\Moje dokumenty\Wondows Mx v.4 finall.iso
[2011-04-14 16:07:59 | 000,008,192 | RHS- | C] () – C:\BOOTSECT.BAK
[2011-04-14 16:07:58 | 000,383,562 | RHS- | C] () – C:\bootmgr
[2011-04-14 16:07:58 | 000,000,223 | -H-- | C] () – C:\Boot.BAK
[2011-04-13 19:27:45 | 000,000,903 | -H-- | C] () – C:\WINDOWS\EPMBatch.ept
[2011-04-13 19:12:46 | 002,340,992 | ---- | C] () – C:\WINDOWS\System32\BootMan.exe
[2011-04-13 19:12:46 | 000,086,408 | ---- | C] () – C:\WINDOWS\System32\setupempdrv03.exe
[2011-04-13 19:12:46 | 000,018,048 | ---- | C] () – C:\WINDOWS\System32\EuEpmGdi.dll
[2011-04-13 19:12:46 | 000,013,192 | ---- | C] () – C:\WINDOWS\System32\epmntdrv.sys
[2011-04-13 19:12:46 | 000,008,456 | ---- | C] () – C:\WINDOWS\System32\EuGdiDrv.sys
[2011-03-01 20:14:52 | 002,166,256 | ---- | C] () – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-03-01 20:00:33 | 000,000,664 | ---- | C] () – C:\WINDOWS\System32\d3d9caps.dat
[2011-02-28 20:09:26 | 000,000,024 | ---- | C] () – C:\WINDOWS\System32\sysmwwod.dll
[2011-02-26 16:37:45 | 000,029,996 | -H-- | C] () –
[2011-02-26 08:17:12 | 000,108,544 | -H-- | C] () –
[2011-02-26 08:08:42 | 000,002,560 | ---- | C] () – C:\WINDOWS\_MSRSTRT.EXE
[2011-02-24 12:24:42 | 000,271,360 | ---- | C] () – C:\WINDOWS\System32\drivers\atksgt.sys
[2011-02-24 12:24:42 | 000,018,048 | ---- | C] () – C:\WINDOWS\System32\drivers\lirsgt.sys
[2011-02-23 23:08:13 | 000,000,000 | ---- | C] () – C:\WINDOWS\nsreg.dat
[2011-02-23 21:47:30 | 000,000,404 | ---- | C] () – C:\WINDOWS\BRWMARK.INI
[2011-02-23 21:47:30 | 000,000,027 | ---- | C] () – C:\WINDOWS\BRPP2KA.INI
[2011-02-23 21:46:53 | 000,000,050 | ---- | C] () – C:\WINDOWS\System32\bridf08b.dat
[2011-02-23 21:44:59 | 000,031,567 | ---- | C] () – C:\WINDOWS\maxlink.ini
[2011-02-23 21:19:36 | 000,005,632 | ---- | C] () – C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-23 21:19:36 | 000,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2011-02-23 20:42:05 | 000,004,293 | ---- | C] () – C:\WINDOWS\ODBCINST.INI
[2011-02-23 20:39:19 | 000,150,792 | ---- | C] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-23 20:33:19 | 000,881,664 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2011-02-23 20:09:58 | 000,000,000 | ---- | C] () – C:\WINDOWS\ativpsrm.bin
[2011-02-23 20:03:26 | 000,593,920 | ---- | C] () – C:\WINDOWS\System32\ati2sgag.exe
[2011-02-23 20:03:17 | 000,887,724 | R— | C] () – C:\WINDOWS\System32\ativva6x.dat
[2011-02-23 20:03:16 | 003,107,788 | R— | C] () – C:\WINDOWS\System32\ativva5x.dat
[2011-02-23 20:03:15 | 003,107,788 | R— | C] () – C:\WINDOWS\System32\ativvaxx.dat
[2011-02-23 20:03:15 | 000,176,216 | R— | C] () – C:\WINDOWS\System32\atiicdxx.dat
[2011-02-23 19:52:58 | 000,002,048 | --S- | C] () – C:\WINDOWS\bootstat.dat
[2011-02-23 19:48:23 | 000,021,856 | ---- | C] () – C:\WINDOWS\System32\emptyregdb.dat
[2009-07-17 00:03:00 | 013,107,200 | ---- | C] () – C:\WINDOWS\System32\oembios.bin
[2009-07-17 00:03:00 | 000,673,088 | ---- | C] () – C:\WINDOWS\System32\mlang.dat
[2009-07-17 00:03:00 | 000,490,284 | ---- | C] () – C:\WINDOWS\System32\perfh015.dat
[2009-07-17 00:03:00 | 000,432,356 | ---- | C] () – C:\WINDOWS\System32\perfh009.dat
[2009-07-17 00:03:00 | 000,313,828 | ---- | C] () – C:\WINDOWS\System32\perfi015.dat
[2009-07-17 00:03:00 | 000,272,128 | ---- | C] () – C:\WINDOWS\System32\perfi009.dat
[2009-07-17 00:03:00 | 000,218,003 | ---- | C] () – C:\WINDOWS\System32\dssec.dat
[2009-07-17 00:03:00 | 000,083,660 | ---- | C] () – C:\WINDOWS\System32\perfc015.dat
[2009-07-17 00:03:00 | 000,067,312 | ---- | C] () – C:\WINDOWS\System32\perfc009.dat
[2009-07-17 00:03:00 | 000,046,258 | ---- | C] () – C:\WINDOWS\System32\mib.bin
[2009-07-17 00:03:00 | 000,034,990 | ---- | C] () – C:\WINDOWS\System32\perfd015.dat
[2009-07-17 00:03:00 | 000,028,626 | ---- | C] () – C:\WINDOWS\System32\perfd009.dat
[2009-07-17 00:03:00 | 000,004,569 | ---- | C] () – C:\WINDOWS\System32\secupd.dat
[2009-07-17 00:03:00 | 000,004,463 | ---- | C] () – C:\WINDOWS\System32\oembios.dat
[2009-07-17 00:03:00 | 000,001,804 | ---- | C] () – C:\WINDOWS\System32\Dcache.bin
[2009-07-17 00:03:00 | 000,000,741 | ---- | C] () – C:\WINDOWS\System32\noise.dat
[2008-10-22 05:29:06 | 000,173,550 | ---- | C] () – C:\WINDOWS\System32\xlive.dll.cat
[2008-07-30 21:30:50 | 000,090,112 | ---- | C] () – C:\WINDOWS\System32\atibrtmon.exe
[2007-08-22 02:21:16 | 000,081,920 | ---- | C] () – C:\WINDOWS\System32\ATIODE.exe
[2007-08-22 00:06:12 | 000,040,960 | ---- | C] () – C:\WINDOWS\System32\ATIODCLI.exe
========== LOP Check ==========
[2011-04-01 19:35:23 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-02-23 22:00:49 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-03-16 17:24:47 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Folder Guard
[2011-02-26 08:20:47 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-02-23 20:35:05 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-04-02 21:11:19 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-04-12 14:25:18 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft
[2011-04-28 20:02:17 | 000,000,000 | —D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Solidshield
[2011-02-23 22:14:29 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite
[2011-05-04 15:22:24 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\foobar2000
[2011-05-04 17:57:48 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\Free Download Manager
[2011-04-18 15:38:24 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10
[2011-02-26 08:17:23 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\hjnvoqiqbbmgalrr2mruuy3whrqbavw2
[2011-02-23 17:13:30 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM
[2011-02-27 10:47:38 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\x2zkluz3qtazj3tfsmytt3ypvljnkjgm2
[2011-02-23 17:06:44 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\xcez3mcy3jwlubpzlamea2dwyjnlrlxi2
[2011-02-24 15:23:45 | 000,000,000 | —D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\xdiwtt2vpjyrixpesaznhsjenq2ef1hy2
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%*.* >
[2011-02-23 19:50:52 | 000,000,000 | ---- | M] () – C:\AUTOEXEC.BAT
[2011-02-23 19:58:20 | 000,000,223 | -H-- | M] () – C:\Boot.BAK
[2011-04-14 16:07:58 | 000,000,367 | RHS- | M] () – C:\boot.ini
[2009-07-17 00:03:00 | 000,004,952 | RHS- | M] () – C:\Bootfont.bin
[2009-07-14 06:08:58 | 000,383,562 | RHS- | M] () – C:\bootmgr
[2011-04-14 16:07:59 | 000,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
[2011-02-23 19:50:52 | 000,000,000 | ---- | M] () – C:\CONFIG.SYS
[2011-02-23 20:00:26 | 000,000,086 | ---- | M] () – C:\csb.log
[2011-02-23 19:50:52 | 000,000,000 | RHS- | M] () – C:\IO.SYS
[2011-02-23 19:50:52 | 000,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2009-07-17 00:03:00 | 000,047,564 | RHS- | M] () – C:\NTDETECT.COM
[2009-07-17 00:03:00 | 000,251,152 | RHS- | M] () – C:\ntldr
[2011-05-04 17:25:51 | 2145,386,496 | -HS- | M] () – C:\pagefile.sys
[2011-02-23 19:58:54 | 000,002,619 | ---- | M] () – C:\RHDSetup.log
[2011-05-04 17:26:22 | 000,000,124 | ---- | M] () – C:\service.log
< MD5 for: AGP440.SYS >
[2009-07-17 00:03:00 | 017,821,884 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
< MD5 for: ATAPI.SYS >
[2009-07-17 00:03:00 | 017,821,884 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 02:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 – C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: BEEP.SYS >
[2009-07-17 00:03:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 – C:\WINDOWS\system32\dllcache\beep.sys
[2009-07-17 00:03:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 – C:\WINDOWS\system32\drivers\beep.sys
< MD5 for: CDROM.SYS >
[2009-07-17 00:03:00 | 017,821,884 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-07-17 00:03:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE – C:\WINDOWS\system32\drivers\cdrom.sys
[2010-06-11 05:10:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D – C:\WINDOWS\system32\dllcache\cdrom.sys
< MD5 for: NDIS.SYS >
[2009-07-17 00:03:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D – C:\WINDOWS\system32\dllcache\ndis.sys
[2009-07-17 00:03:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D – C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: USERINIT.EXE >
[2009-07-17 00:03:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 – C:\WINDOWS\system32\dllcache\userinit.exe
[2009-07-17 00:03:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 – C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009-07-17 00:03:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 – C:\WINDOWS\system32\dllcache\winlogon.exe
[2009-07-17 00:03:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 – C:\WINDOWS\system32\winlogon.exe
< End of report >
I won't comment on the presence of some of the files, but since you finally posted the log, I'll try to help.
In OTL, paste the following into the "Własne opcje skanowania / skrypt" (custom scan options / script) box:
Click "Wykonaj skrypt" (run script). Agree to restart the computer. Post the removal log on the forum.
Then run OTL again, click "Skanuj" (scan) once more, and post the new log on the forum. So that's two logs: one from the removal and one from the new scan after the removal.
This came up after the removal:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell:“C:\Documents and Settings\Mateusz\Dane aplikacji\hjnvoqiqbbmgalrr2mruuy3whrqbavw2\csrss.exe” deleted successfully.
========== FILES ==========
C:\Documents and Settings\Mateusz\Dane aplikacji\hjnvoqiqbbmgalrr2mruuy3whrqbavw2 folder moved successfully.
C:\Documents and Settings\Mateusz\Dane aplikacji\x2zkluz3qtazj3tfsmytt3ypvljnkjgm2 folder moved successfully.
C:\Documents and Settings\Mateusz\Dane aplikacji\xcez3mcy3jwlubpzlamea2dwyjnlrlxi2 folder moved successfully.
C:\Documents and Settings\Mateusz\Dane aplikacji\xdiwtt2vpjyrixpesaznhsjenq2ef1hy2 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Mateusz
->Temp folder emptied: 503670637 bytes
->Temporary Internet Files folder emptied: 11834720 bytes
->Java cache emptied: 248808 bytes
->FireFox cache emptied: 62321858 bytes
->Flash cache emptied: 7350 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34646567 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 585,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 05042011_193919
Files\Folders moved on Reboot…
C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OU3VBHVA\background_button_green_full[1].png moved successfully.
C:\Documents and Settings\Mateusz\Ustawienia lokalne\Temporary Internet Files\Content.IE5\OU3VBHVA\list-item-plus[2].png moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot…
– Added 04.05.2011 (Wed) 19:47 –
Here you go:
OTL logfile created on: 2011-05-04 19:45:46 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 81,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 239,16 Gb Total Space | 185,69 Gb Free Space | 77,65% Space Free | Partition Type: NTFS
Drive F: | 226,60 Gb Total Space | 192,44 Gb Free Space | 84,92% Space Free | Partition Type: NTFS
Computer Name: MATEUSZ-F482FE7 | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-05-04 17:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2011-04-29 22:43:54 | 000,912,344 | ---- | M] (Mozilla Corporation) – C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-02-23 19:34:20 | 003,451,496 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-02-23 19:34:19 | 000,042,184 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009-07-17 00:03:00 | 001,035,264 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\explorer.exe
PRC - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () – C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008-07-10 08:23:26 | 002,049,320 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\NBHGui.exe
PRC - [2008-07-10 08:23:26 | 000,053,032 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
PRC - [2008-07-10 08:23:16 | 001,442,088 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
PRC - [2008-07-10 08:23:04 | 001,083,176 | ---- | M] (Nero AG) – C:\Program Files\Nero\Nero8\InCD\InCD.exe
PRC - [2008-01-31 17:29:06 | 000,196,608 | R— | M] (Brother Industries, Ltd.) – C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
========== Modules (SafeList) ==========
MOD - [2011-05-04 17:56:46 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\Mateusz\Moje dokumenty\Pobieranie\OTL.exe
MOD - [2011-02-23 19:34:17 | 000,197,208 | ---- | M] (AVAST Software) – C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010-08-23 20:42:53 | 001,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] – -- (gusvc)
SRV - [2011-02-23 19:34:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] – C:\Program Files\AVAST Software\Avast\AvastSvc.exe – (avast! Antivirus)
SRV - [2009-02-05 13:43:26 | 000,068,136 | ---- | M] () [Auto | Running] – C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE – (ES lite Service)
SRV - [2008-07-10 08:23:26 | 000,053,032 | ---- | M] (Nero AG) [Auto | Running] – C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe – (NeroRegInCDSrv)
SRV - [2008-07-10 08:23:16 | 001,442,088 | ---- | M] (Nero AG) [Auto | Running] – C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe – (InCDsrv)
========== Driver Services (SafeList) ==========
DRV - [2011-05-04 19:42:38 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\gdrv.sys – (gdrv)
DRV - [2011-03-24 10:57:54 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\epmntdrv.sys – (epmntdrv)
DRV - [2011-03-24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\EuGdiDrv.sys – (EuGdiDrv)
DRV - [2011-02-24 12:24:42 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\atksgt.sys – (atksgt)
DRV - [2011-02-24 12:24:42 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\lirsgt.sys – (lirsgt)
DRV - [2011-02-23 22:01:13 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2011-02-23 19:26:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] – C:\WINDOWS\System32\drivers\aswSnx.sys – (aswSnx)
DRV - [2011-02-23 19:26:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aswSP.sys – (aswSP)
DRV - [2011-02-23 19:25:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aswTdi.sys – (aswTdi)
DRV - [2011-02-23 19:25:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\WINDOWS\System32\drivers\aswmon2.sys – (aswMon2)
DRV - [2011-02-23 19:25:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aswRdr.sys – (aswRdr)
DRV - [2011-02-23 19:24:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] – C:\WINDOWS\System32\drivers\aavmker4.sys – (Aavmker4)
DRV - [2011-02-23 19:24:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] – C:\WINDOWS\System32\drivers\aswFsBlk.sys – (aswFsBlk)
DRV - [2009-07-17 00:03:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\Si3132r5.sys – (Si3132r5)
DRV - [2009-07-17 00:03:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\Si3531.sys – (Si3531)
DRV - [2009-07-17 00:03:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] – C:\WINDOWS\System32\drivers\Si3114r5.sys – (Si3114r5)
DRV - [2009-07-17 00:03:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\si3132.sys – (Si3132)
DRV - [2009-07-17 00:03:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\si3124.sys – (Si3124)
DRV - [2009-07-17 00:03:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] – C:\WINDOWS\System32\drivers\si3112.sys – (Si3112)
DRV - [2009-07-17 00:03:00 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\WINDOWS\system32\DRIVERS\amdide.sys – (amdide)
DRV - [2009-01-20 15:23:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-12-25 14:02:32 | 003,721,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\RtKHDMI.sys – (RTHDMIAzAudService)
DRV - [2008-10-30 17:44:20 | 000,117,888 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtenicxp.sys – (RTLE8023xp)
DRV - [2008-09-11 07:38:10 | 003,331,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)
DRV - [2008-07-10 08:23:14 | 000,040,488 | ---- | M] (Nero AG) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\InCDRm.sys – (incdrm)
DRV - [2008-07-10 08:23:14 | 000,038,952 | ---- | M] (Nero AG) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\InCDPass.sys – (InCDPass)
DRV - [2008-07-10 08:23:04 | 000,128,424 | ---- | M] (Nero AG) [File_System | Disabled | Running] – C:\WINDOWS\system32\drivers\InCDfs.sys – (InCDfs)
DRV - [2008-07-03 00:08:14 | 000,089,600 | R— | M] (ATI Research Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\AtiHdmi.sys – (AtiHdmiService)
DRV - [2007-04-16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] – C:\WINDOWS\system32\drivers\AmdPPM.sys – (AmdPPM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKU\S-1-5-21-1123561945-630328440-682003330-1003…\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.startup.homepage: “http://google.pl”
FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js…extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js…extensions.enabledItems: player@online.fm:0.2.7
FF - prefs.js…extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js…extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js…extensions.enabledItems: wrc@avast.com:20110101
FF - HKLM\software\mozilla\Firefox\extensions\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-04-01 19:35:39 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\Components: C:\Program Files\Mozilla Firefox\components [2011-04-29 22:43:57 | 000,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-30 08:36:22 | 000,000,000 | —D | M]
[2011-02-23 23:08:19 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions
[2011-05-04 15:30:13 | 000,000,000 | —D | M] (No name found) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions
[2011-03-05 17:48:45 | 000,000,000 | —D | M] (Microsoft .NET Framework Assistant) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-04-07 20:38:56 | 000,000,000 | —D | M] (Adblock Plus) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011-04-29 20:05:53 | 000,000,000 | —D | M] (Radio Online.FM) – C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\b69mhyvu.default\extensions\player@online.fm
[2011-05-04 15:30:13 | 000,000,000 | —D | M] (No name found) – C:\Program Files\Mozilla Firefox\extensions
[2011-02-23 20:26:15 | 000,000,000 | —D | M] (Java Console) – C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-04-01 19:35:39 | 000,000,000 | —D | M] (avast! WebRep) – C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-02-26 08:20:47 | 000,000,000 | —D | M] (Free Download Manager plugin) – C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION
[2011-02-23 20:26:11 | 000,000,000 | —D | M] (Java Quick Starter) – C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009-07-17 13:10:12 | 000,704,512 | ---- | M] (BitComet) – C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011-02-23 20:26:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011-03-07 19:25:11 | 000,002,767 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2011-03-07 19:25:11 | 000,001,406 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2011-03-07 19:25:11 | 000,000,917 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2011-03-07 19:25:11 | 000,000,858 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2011-03-07 19:25:11 | 000,001,183 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2011-03-07 19:25:11 | 000,001,683 | ---- | M] () – C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2009-07-17 00:03:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O3 - HKLM…\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM…\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4 - HKLM…\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM…\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM…\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM…\Run: [inCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM…\Run: [securDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
O4 - HKLM…\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1123561945-630328440-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Pobierz plik wideo we Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Pobierz w Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Pobierz wszystkie pliki w Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Pobierz zaznaczone w Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O9 - Extra ‘Tools’ menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 173.193.227.124 173.192.105.217
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-02-23 19:50:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [NTFS]
O32 - AutoRun File - [2009-06-11 02:12:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat – [NTFS]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM…comfile [open] – “%1” %*
O35 - HKLM…exefile [open] – “%1” %*
O37 - HKLM…com [@ = comfile] – “%1” %*
O37 - HKLM…exe [@ = exefile] – “%1” %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
========== Files/Folders - Created Within 30 Days ==========
[2011-05-04 19:39:19 | 000,000,000 | —D | C] – C:\_OTL
[2011-04-30 22:22:46 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\Jodix
[2011-04-30 22:22:45 | 000,000,000 | —D | C] – C:\Program Files\Free WMA to MP3 Converter
[2011-04-30 22:19:44 | 000,000,000 | R–D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\Moje wideo
[2011-04-30 16:06:40 | 000,000,000 | —D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\pendrive
[2011-04-28 17:02:24 | 000,000,000 | —D | C] – C:\Program Files\Electronic Arts
[2011-04-28 17:01:40 | 000,000,000 | —D | C] – C:\Program Files\NVIDIA Corporation
[2011-04-25 18:58:03 | 000,000,000 | —D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\zdjęcia
[2011-04-22 11:39:23 | 000,000,000 | —D | C] – C:\MUZA
[2011-04-14 16:07:57 | 000,000,000 | -HSD | C] – C:\Boot
[2011-04-14 15:16:00 | 000,000,000 | -HSD | C] – C:\$RECYCLE.BIN
[2011-04-13 19:12:46 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Menu Start\Programy\EASEUS Partition Master 8.0.1 Home Edition
[2011-04-13 19:12:42 | 000,000,000 | —D | C] – C:\Program Files\EASEUS
[2011-04-06 18:11:55 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\Solidshield
[2011-04-06 16:06:31 | 000,000,000 | —D | C] – C:\Documents and Settings\Mateusz\Moje dokumenty\zeszyt i ściągi
========== Files - Modified Within 30 Days ==========
[2011-05-04 19:42:38 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) – C:\WINDOWS\gdrv.sys
[2011-05-04 19:42:23 | 000,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2011-05-04 19:42:21 | 000,054,376 | ---- | M] () – C:\WINDOWS\System32\ativvaxx.cap
[2011-05-04 19:39:20 | 000,490,614 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2011-05-04 19:39:20 | 000,432,492 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2011-05-04 19:39:20 | 000,083,864 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2011-05-04 19:39:20 | 000,067,448 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2011-05-04 19:10:26 | 001,057,859 | ---- | M] () – C:\Documents and Settings\Mateusz\Pulpit\Muzyka na małym i dużym ekranie.ppsx
[2011-05-04 16:10:13 | 000,000,069 | ---- | M] () – C:\WINDOWS\NeroDigital.ini
[2011-04-30 22:18:16 | 000,000,064 | ---- | M] () – C:\Documents and Settings\Mateusz\Dane aplikacji\default.pls
[2011-04-30 13:59:59 | 313,423,872 | ---- | M] () – C:\Documents and Settings\Mateusz\Moje dokumenty\Wondows Mx v.4 finall.iso
[2011-04-27 15:26:40 | 000,002,206 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2011-04-14 16:07:59 | 000,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
[2011-04-14 16:07:58 | 000,000,367 | RHS- | M] () – C:\boot.ini
[2011-04-14 12:09:58 | 000,150,792 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2011-04-14 12:00:00 | 000,001,374 | ---- | M] () – C:\WINDOWS\imsins.BAK
[2011-04-13 19:37:43 | 000,000,903 | -H-- | M] () – C:\WINDOWS\EPMBatch.ept
========== Files Created - No Company Name ==========
[2011-05-04 18:57:39 | 001,057,859 | ---- | C] () – C:\Documents and Settings\Mateusz\Pulpit\Muzyka na małym i dużym ekranie.ppsx
[2011-04-30 22:18:16 | 000,000,064 | ---- | C] () – C:\Documents and Settings\Mateusz\Dane aplikacji\default.pls
[2011-04-30 13:18:02 | 313,423,872 | ---- | C] () – C:\Documents and Settings\Mateusz\Moje dokumenty\Wondows Mx v.4 finall.iso
[2011-04-14 16:07:59 | 000,008,192 | RHS- | C] () – C:\BOOTSECT.BAK
[2011-04-14 16:07:58 | 000,383,562 | RHS- | C] () – C:\bootmgr
[2011-04-14 16:07:58 | 000,000,223 | -H-- | C] () – C:\Boot.BAK
[2011-04-13 19:27:45 | 000,000,903 | -H-- | C] () – C:\WINDOWS\EPMBatch.ept
[2011-04-13 19:12:46 | 002,340,992 | ---- | C] () – C:\WINDOWS\System32\BootMan.exe
[2011-04-13 19:12:46 | 000,086,408 | ---- | C] () – C:\WINDOWS\System32\setupempdrv03.exe
[2011-04-13 19:12:46 | 000,018,048 | ---- | C] () – C:\WINDOWS\System32\EuEpmGdi.dll
[2011-04-13 19:12:46 | 000,013,192 | ---- | C] () – C:\WINDOWS\System32\epmntdrv.sys
[2011-04-13 19:12:46 | 000,008,456 | ---- | C] () – C:\WINDOWS\System32\EuGdiDrv.sys
[2011-03-01 20:14:52 | 002,166,256 | ---- | C] () – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-03-01 20:00:33 | 000,000,664 | ---- | C] () – C:\WINDOWS\System32\d3d9caps.dat
[2011-02-28 20:09:26 | 000,000,024 | ---- | C] () – C:\WINDOWS\System32\sysmwwod.dll
[2011-02-26 08:08:42 | 000,002,560 | ---- | C] () – C:\WINDOWS_MSRSTRT.EXE
[2011-02-24 12:24:42 | 000,271,360 | ---- | C] () – C:\WINDOWS\System32\drivers\atksgt.sys
[2011-02-24 12:24:42 | 000,018,048 | ---- | C] () – C:\WINDOWS\System32\drivers\lirsgt.sys
[2011-02-23 23:08:13 | 000,000,000 | ---- | C] () – C:\WINDOWS\nsreg.dat
[2011-02-23 21:47:30 | 000,000,404 | ---- | C] () – C:\WINDOWS\BRWMARK.INI
[2011-02-23 21:47:30 | 000,000,027 | ---- | C] () – C:\WINDOWS\BRPP2KA.INI
[2011-02-23 21:46:53 | 000,000,050 | ---- | C] () – C:\WINDOWS\System32\bridf08b.dat
[2011-02-23 21:44:59 | 000,031,567 | ---- | C] () – C:\WINDOWS\maxlink.ini
[2011-02-23 21:19:36 | 000,005,632 | ---- | C] () – C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-23 21:19:36 | 000,000,069 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2011-02-23 20:42:05 | 000,004,293 | ---- | C] () – C:\WINDOWS\ODBCINST.INI
[2011-02-23 20:39:19 | 000,150,792 | ---- | C] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-23 20:33:19 | 000,881,664 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2011-02-23 20:09:58 | 000,000,000 | ---- | C] () – C:\WINDOWS\ativpsrm.bin
[2011-02-23 20:03:26 | 000,593,920 | ---- | C] () – C:\WINDOWS\System32\ati2sgag.exe
[2011-02-23 20:03:17 | 000,887,724 | R--- | C] () – C:\WINDOWS\System32\ativva6x.dat
[2011-02-23 20:03:16 | 003,107,788 | R--- | C] () – C:\WINDOWS\System32\ativva5x.dat
[2011-02-23 20:03:15 | 003,107,788 | R--- | C] () – C:\WINDOWS\System32\ativvaxx.dat
[2011-02-23 20:03:15 | 000,176,216 | R--- | C] () – C:\WINDOWS\System32\atiicdxx.dat
[2011-02-23 19:52:58 | 000,002,048 | --S- | C] () – C:\WINDOWS\bootstat.dat
[2011-02-23 19:48:23 | 000,021,856 | ---- | C] () – C:\WINDOWS\System32\emptyregdb.dat
[2009-07-17 00:03:00 | 013,107,200 | ---- | C] () – C:\WINDOWS\System32\oembios.bin
[2009-07-17 00:03:00 | 000,673,088 | ---- | C] () – C:\WINDOWS\System32\mlang.dat
[2009-07-17 00:03:00 | 000,490,614 | ---- | C] () – C:\WINDOWS\System32\perfh015.dat
[2009-07-17 00:03:00 | 000,432,492 | ---- | C] () – C:\WINDOWS\System32\perfh009.dat
[2009-07-17 00:03:00 | 000,313,828 | ---- | C] () – C:\WINDOWS\System32\perfi015.dat
[2009-07-17 00:03:00 | 000,272,128 | ---- | C] () – C:\WINDOWS\System32\perfi009.dat
[2009-07-17 00:03:00 | 000,218,003 | ---- | C] () – C:\WINDOWS\System32\dssec.dat
[2009-07-17 00:03:00 | 000,083,864 | ---- | C] () – C:\WINDOWS\System32\perfc015.dat
[2009-07-17 00:03:00 | 000,067,448 | ---- | C] () – C:\WINDOWS\System32\perfc009.dat
[2009-07-17 00:03:00 | 000,046,258 | ---- | C] () – C:\WINDOWS\System32\mib.bin
[2009-07-17 00:03:00 | 000,034,990 | ---- | C] () – C:\WINDOWS\System32\perfd015.dat
[2009-07-17 00:03:00 | 000,028,626 | ---- | C] () – C:\WINDOWS\System32\perfd009.dat
[2009-07-17 00:03:00 | 000,004,569 | ---- | C] () – C:\WINDOWS\System32\secupd.dat
[2009-07-17 00:03:00 | 000,004,463 | ---- | C] () – C:\WINDOWS\System32\oembios.dat
[2009-07-17 00:03:00 | 000,001,804 | ---- | C] () – C:\WINDOWS\System32\Dcache.bin
[2009-07-17 00:03:00 | 000,000,741 | ---- | C] () – C:\WINDOWS\System32\noise.dat
[2008-10-22 05:29:06 | 000,173,550 | ---- | C] () – C:\WINDOWS\System32\xlive.dll.cat
[2008-07-30 21:30:50 | 000,090,112 | ---- | C] () – C:\WINDOWS\System32\atibrtmon.exe
[2007-08-22 02:21:16 | 000,081,920 | ---- | C] () – C:\WINDOWS\System32\ATIODE.exe
[2007-08-22 00:06:12 | 000,040,960 | ---- | C] () – C:\WINDOWS\System32\ATIODCLI.exe
========== LOP Check ==========
[2011-04-01 19:35:23 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-02-23 22:00:49 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-03-16 17:24:47 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Folder Guard
[2011-02-26 08:20:47 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\FreeDownloadManager.ORG
[2011-02-23 20:35:05 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-04-02 21:11:19 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-04-12 14:25:18 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft
[2011-04-28 20:02:17 | 000,000,000 | ---D | M] – C:\Documents and Settings\All Users\Dane aplikacji\Solidshield
[2011-02-23 22:14:29 | 000,000,000 | ---D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\DAEMON Tools Lite
[2011-05-04 15:22:24 | 000,000,000 | ---D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\foobar2000
[2011-05-04 17:57:48 | 000,000,000 | ---D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\Free Download Manager
[2011-04-18 15:38:24 | 000,000,000 | ---D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\Gadu-Gadu 10
[2011-02-23 17:13:30 | 000,000,000 | ---D | M] – C:\Documents and Settings\Mateusz\Dane aplikacji\OpenFM
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%*.* >
[2011-02-23 19:50:52 | 000,000,000 | ---- | M] () – C:\AUTOEXEC.BAT
[2011-02-23 19:58:20 | 000,000,223 | -H-- | M] () – C:\Boot.BAK
[2011-04-14 16:07:58 | 000,000,367 | RHS- | M] () – C:\boot.ini
[2009-07-17 00:03:00 | 000,004,952 | RHS- | M] () – C:\Bootfont.bin
[2009-07-14 06:08:58 | 000,383,562 | RHS- | M] () – C:\bootmgr
[2011-04-14 16:07:59 | 000,008,192 | RHS- | M] () – C:\BOOTSECT.BAK
[2011-02-23 19:50:52 | 000,000,000 | ---- | M] () – C:\CONFIG.SYS
[2011-02-23 20:00:26 | 000,000,086 | ---- | M] () – C:\csb.log
[2011-02-23 19:50:52 | 000,000,000 | RHS- | M] () – C:\IO.SYS
[2011-02-23 19:50:52 | 000,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2009-07-17 00:03:00 | 000,047,564 | RHS- | M] () – C:\NTDETECT.COM
[2009-07-17 00:03:00 | 000,251,152 | RHS- | M] () – C:\ntldr
[2011-05-04 19:42:19 | 2145,386,496 | -HS- | M] () – C:\pagefile.sys
[2011-02-23 19:58:54 | 000,002,619 | ---- | M] () – C:\RHDSetup.log
[2011-05-04 19:42:46 | 000,000,124 | ---- | M] () – C:\service.log
< MD5 for: AGP440.SYS >
[2009-07-17 00:03:00 | 017,821,884 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:agp440.sys
< MD5 for: ATAPI.SYS >
[2009-07-17 00:03:00 | 017,821,884 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008-04-14 02:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 – C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: BEEP.SYS >
[2009-07-17 00:03:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 – C:\WINDOWS\system32\dllcache\beep.sys
[2009-07-17 00:03:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 – C:\WINDOWS\system32\drivers\beep.sys
< MD5 for: CDROM.SYS >
[2009-07-17 00:03:00 | 017,821,884 | ---- | M] () .cab file – C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009-07-17 00:03:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE – C:\WINDOWS\system32\drivers\cdrom.sys
[2010-06-11 05:10:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D – C:\WINDOWS\system32\dllcache\cdrom.sys
< MD5 for: NDIS.SYS >
[2009-07-17 00:03:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D – C:\WINDOWS\system32\dllcache\ndis.sys
[2009-07-17 00:03:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D – C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: USERINIT.EXE >
[2009-07-17 00:03:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 – C:\WINDOWS\system32\dllcache\userinit.exe
[2009-07-17 00:03:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=2A5B37D520508BE6570A3EA79695F5B5 – C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009-07-17 00:03:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 – C:\WINDOWS\system32\dllcache\winlogon.exe
[2009-07-17 00:03:00 | 000,510,464 | ---- | M] (Microsoft Corporation) MD5=51FD2E13D723857B9CA239AE77150F48 – C:\WINDOWS\system32\winlogon.exe
< End of report >
kamil10506 ,
I sent you a reply by PM.
mateusz0739
The error you describe should no longer appear.
Start - Run - type cmd and press Enter
At the command line, type
sc delete gusvc and press Enter
Run OTL and click Sprzątanie (CleanUp)
Turn System Restore off and back on for all drives. Instructions
Run a full Malwarebytes scan http://www.dobreprogramy.pl/Malwarebyte … 13117.html If the program finds anything, do not remove anything; post the report on the forum.
OK, many thanks, "spandaupol", sorry for those stupid remarks, but this error was simply getting me down and nobody had wanted to help me earlier. Thank you for giving your time and attention.
Don't twist things.
You were the one who didn't want help, declaring that you would not make OTL logs.
dlugie-wyczekiwanie-pulpit-t445261.html#p2820423
[-X
But in the end I did post the logs, and everyone had access to them…