Witam!
Mam pewien problem, otóż dzisiaj zabrałem się za skanowanie komputera programem Spyware Doctor 7.0.0.514 with Antivirus. Wykrył on Trojana Generic w pliku systemowym nvaux32.dll. Nie wiem co teraz robić: czy usunąć ten plik jak sugerują inne portale, czy może zrobić formata. Próbowałem go podać kwarantannie w Spyware Doctorze, ale program odmawiał mi posłuszeństwa.
Pokaż log z: OTL
Przestawiasz w nim Processes i Modules na All oraz wklejasz w dolne białe okienko Custom Scans/Fixes :
Klikasz Run Scan. - otl-gmer-rsit-dds-inne-instrukcje-t370405.html
OTL logfile created on: 2009-12-26 18:38:57 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
895,00 Mb Total Physical Memory | 223,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,64 Gb Total Space | 4,57 Gb Free Space | 10,47% Space Free | Partition Type: FAT32
Drive D: | 29,00 Gb Total Space | 28,96 Gb Free Space | 99,87% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TWOJA-96B0DFBED
Current User Name: admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (All) ==========
PRC - [2009-12-26 18:38:14 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
PRC - [2009-11-25 12:30:00 | 02,983,376 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsGui.exe
PRC - [2009-11-18 12:47:14 | 01,243,088 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009-11-06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009-10-30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009-10-28 07:54:16 | 00,634,632 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-08-06 19:24:06 | 00,053,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-02-09 12:10:46 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe
PRC - [2007-09-25 01:11:36 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007-06-13 14:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) – c:\WINDOWS\explorer.exe
PRC - [2007-05-31 17:20:42 | 00,068,856 | ---- | M] (Google Inc.) – C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006-03-14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.) – C:\Program Files\Asus\Power4 Gear\BatteryLife.exe
PRC - [2005-06-11 01:53:32 | 00,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe
PRC - [2004-08-04 13:00:00 | 00,504,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe
PRC - [2004-08-04 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe
========== Modules (All) ==========
MOD - [2009-12-26 18:38:14 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
MOD - [2009-10-30 11:18:16 | 00,147,024 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009-10-07 13:06:10 | 00,579,072 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.DLL
MOD - [2009-09-09 22:54:58 | 00,155,184 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\smum32.dll
MOD - [2009-06-25 10:48:08 | 00,056,320 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 17:18:20 | 00,584,192 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\RPCRT4.DLL
MOD - [2009-03-21 16:21:24 | 01,014,784 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:22:08 | 00,686,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:22:06 | 00,722,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:01:38 | 00,283,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll
MOD - [2008-07-03 14:03:38 | 08,489,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll
MOD - [2008-02-26 14:01:52 | 00,294,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msctf.dll
MOD - [2007-12-04 19:42:02 | 00,550,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll
MOD - [2007-10-11 07:11:00 | 00,474,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-08-25 16:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005-07-26 06:42:36 | 01,284,608 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 13:00:00 | 00,996,352 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 13:00:00 | 00,729,088 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 13:00:00 | 00,177,152 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-04 13:00:00 | 00,172,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wldap32.dll
MOD - [2004-08-04 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 13:00:00 | 00,119,808 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntmarta.dll
MOD - [2004-08-04 13:00:00 | 00,110,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 13:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 13:00:00 | 00,064,000 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\samlib.dll
MOD - [2004-08-04 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] – -- (MSIServer)
SRV - File not found [Auto | Stopped] – -- (clr_optimization_v2.0.50727_32)
SRV - [2009-11-10 10:28:08 | 00,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Stopped] – C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe – (Browser Defender Update Service)
SRV - [2009-11-06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) [Auto | Running] – C:\Program Files\Spyware Doctor\pctsSvc.exe – (sdCoreService)
SRV - [2009-10-30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) [Auto | Running] – C:\Program Files\Spyware Doctor\pctsAuxs.exe – (sdAuxService)
SRV - [2009-02-20 22:03:30 | 00,137,200 | ---- | M] (Google) [On_Demand | Stopped] – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe – (gusvc)
SRV - [2007-10-29 12:00:30 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe – (Adobe LM Service)
SRV - [2006-03-08 09:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] – C:\WINDOWS\system32\ati2evxx.exe – (Ati HotKey Poller)
SRV - [2004-08-04 00:44:02 | 00,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\WINDOWS\system32\irmon.dll – (Irmon)
========== Driver Services (SafeList) ==========
DRV - [2009-11-09 11:20:12 | 00,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\PCTCore.sys – (PCTCore)
DRV - [2009-10-17 08:16:14 | 00,021,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] – C:\WINDOWS\system32\drivers\dup.sys – (Dup)
DRV - [2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)
DRV - [2007-10-29 11:30:14 | 00,685,816 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2006-07-24 03:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)
DRV - [2006-06-06 17:51:36 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\mdc8021x.sys – (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2006-05-04 04:13:52 | 04,271,616 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-08 09:49:20 | 01,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)
DRV - [2006-01-24 10:45:56 | 00,034,944 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ipswuio.sys – (ipswuio)
DRV - [2006-01-19 23:44:42 | 00,862,340 | R— | M] (Motorola Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\smserial.sys – (smserial)
DRV - [2006-01-18 05:41:58 | 00,080,512 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtnicxp.sys – (RTL8023xp)
DRV - [2005-10-21 02:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynTP.sys – (SynTP)
DRV - [2005-10-03 10:26:36 | 00,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynMini.sys – (SynMini)
DRV - [2005-10-03 10:26:14 | 00,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynScan.sys – (SynScan)
DRV - [2005-07-14 12:14:34 | 00,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] – C:\WINDOWS\system32\DRIVERS\risdptsk.sys – (risdptsk)
DRV - [2005-07-12 19:00:30 | 00,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\rimsptsk.sys – (rimsptsk)
DRV - [2005-02-17 10:07:48 | 00,005,632 | ---- | M] () [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ATKACPI.sys – (MTsensor)
DRV - [2005-02-11 21:46:22 | 00,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\BCMWL5.SYS – (BCM43XX)
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Hdaudbus.sys – (HDAudBus)
DRV - [2004-10-15 12:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\BrScnUsb.sys – (BrScnUsb)
DRV - [2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)
DRV - [2004-08-04 00:37:04 | 00,031,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\wceusbsh.sys – (wceusbsh)
DRV - [2004-08-03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\RTL8139.sys – (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2002-09-09 19:54:06 | 00,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\ASNDIS5.sys – (ASNDIS5)
DRV - [2001-08-17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\irsir.sys – (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” =
O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM…\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU…\Toolbar\ShellBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll File not found
O3 - HKCU…\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll File not found
O3 - HKCU…\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM…\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKLM…\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM…\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM…\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM…\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM…\Run: [mswinlogon] C:\WINDOWS\mscsrss.exe File not found
O4 - HKLM…\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM…\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU…\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU…\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU…\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe ()
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU…\Run: [Windows Updates] c:\windows\system\Update.exe File not found
O4 - HKCU…\RunOnce: [shockwave Updater] C:\WINDOWS\System32\ADOBE\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla\4.0 ( File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra ‘Tools’ menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU…Trusted Domains: margonem.pl ([]http in Zaufane witryny)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl … rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta … s-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.6.21
O20 - HKLM Winlogon: Shell - (c:\windows\explorer.exe) - c:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-06-06 17:20:22 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [FAT32]
O33 - MountPoints2{5d822190-e5f1-11db-ae86-00173194b13a}\Shell - “” = AutoRun
O33 - MountPoints2{905fc114-3c91-11de-b488-00173194b13a}\Shell - “” = AutoRun
O33 - MountPoints2{905fc115-3c91-11de-b488-00173194b13a}\Shell - “” = AutoRun
O33 - MountPoints2{dda2e318-62bc-11db-acce-00173194b13a}\Shell - “” = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] – “%1” %*
O35 - exefile [open] – “%1” %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006-06-06 17:08:52 | 00,000,000 | —D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^ASUS ChkMail.lnk - C:\PROGRA~1\Asus\ASUSCH~1\ChkMail.exe - File not found
MsConfig - StartUpReg: ABLKSR - hkey= - key= - C:\WINDOWS\ABLKSR\ABLKSR.EXE (ASYSTeK Computer INC.)
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: ASUS Live Update - hkey= - key= - C:\Program Files\ASUS\ASUS Live Update\ALU.exe File not found
MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
MsConfig - StartUpReg: IS CfgWiz - hkey= - key= - c:\Program Files\Norton Internet Security\cfgwiz.exe File not found
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: Net4Switch - hkey= - key= - C:\Program Files\Asus\Net4Switch\Net4Switch.exe (ASUS)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SMSERIAL - hkey= - key= - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: URLLSTCK.exe - hkey= - key= - c:\Program Files\Norton Internet Security\UrlLstCk.exe File not found
MsConfig - StartUpReg: Wireless Console 2 - hkey= - key= - C:\Program Files\Wireless Console 2\wcourier.exe ()
MsConfig - State: “system.ini” - 0
MsConfig - State: “win.ini” - 0
MsConfig - State: “bootini” - 0
MsConfig - State: “services” - 0
MsConfig - State: “startup” - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootNet: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
========== Files/Folders - Created Within 30 Days ==========
[2009-12-26 18:38:10 | 00,513,536 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
[2009-12-26 14:13:17 | 00,000,000 | —D | C] – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Threat Expert
[2009-12-26 14:09:49 | 01,640,400 | ---- | C] (Threat Expert Ltd.) – C:\WINDOWS\PCTBDCore.dll
[2009-12-26 14:09:49 | 00,165,840 | ---- | C] (Threat Expert Ltd.) – C:\WINDOWS\PCTBDRes.dll
[2009-12-26 14:09:49 | 00,149,456 | ---- | C] (PC Tools) – C:\WINDOWS\SGDetectionTool.dll
[2009-12-26 13:55:25 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2009-12-26 13:55:25 | 00,000,000 | —D | C] – C:\Documents and Settings\admin\Dane aplikacji\PC Tools
[2009-12-26 13:55:23 | 00,000,000 | —D | C] – C:\Program Files\Spyware Doctor
[2009-12-26 13:55:23 | 00,000,000 | —D | C] – C:\Program Files\Common Files\PC Tools
[2009-12-26 13:47:54 | 00,000,000 | -HSD | C] – C:\FOUND.008
[2009-12-26 13:35:16 | 00,000,000 | —D | C] – C:\Program Files\Common Files\PC Tools(2)
[2009-12-25 19:37:56 | 00,579,072 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\stevg
[2009-12-24 17:19:42 | 00,000,000 | -HSD | C] – C:\FOUND.007
[2009-12-19 16:57:49 | 00,579,072 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\pkurnpnlhb
[2009-11-28 11:53:32 | 00,000,000 | —D | C] – C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10
[2006-06-06 17:24:12 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-06-06 17:24:10 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-06-06 17:13:40 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2006-06-06 17:13:40 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[1 C:\WINDOWS\System32\drivers*.tmp files -> C:\WINDOWS\System32\drivers*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2009-12-26 18:38:14 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
[2009-12-26 14:46:12 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2009-12-26 14:46:08 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2009-12-26 14:46:06 | 93,892,1984 | -HS- | M] () – C:\hiberfil.sys
[2009-12-26 14:45:24 | 05,242,880 | ---- | M] () – C:\Documents and Settings\admin\ntuser.dat
[2009-12-26 14:45:16 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\admin\ntuser.ini
[2009-12-26 14:45:10 | 04,836,966 | -H-- | M] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-26 13:56:36 | 00,001,158 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2009-12-26 10:22:40 | 00,032,768 | ---- | M] () – C:\WINDOWS\System32\zred.pa
[2009-12-26 10:22:40 | 00,024,576 | ---- | M] () – C:\WINDOWS\System32\4rr.pa
[2009-12-26 10:22:38 | 00,065,024 | ---- | M] () – C:\WINDOWS\System32\2rg3.es
[2009-12-26 10:22:38 | 00,064,512 | ---- | M] () – C:\WINDOWS\System32\ef3p.ee
[2009-12-26 10:22:38 | 00,021,504 | ---- | M] () – C:\WINDOWS\System32\gr1.e
[2009-12-20 10:29:08 | 00,032,768 | ---- | M] () – C:\WINDOWS\System32\fks.as
[2009-12-18 17:31:54 | 00,008,704 | ---- | M] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-18 17:18:06 | 00,054,156 | -H-- | M] () – C:\WINDOWS\QTFont.qfn
[2009-12-15 11:42:00 | 20,300,4143 | ---- | M] () – C:\Documents and Settings\admin\Pulpit\3 - Gdy w Gorzowie Pan Rodzi sie - teledysk - wersja HD.mov
[2009-12-10 18:26:12 | 01,115,350 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-10 18:26:12 | 00,500,540 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2009-12-10 18:26:12 | 00,441,458 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2009-12-10 18:26:12 | 00,089,036 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2009-12-10 18:26:12 | 00,071,394 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2009-12-10 14:35:30 | 00,001,393 | ---- | M] () – C:\WINDOWS\imsins.BAK
[2009-12-07 03:21:02 | 00,000,883 | ---- | M] () – C:\WINDOWS\RegSDImport.xml
[2009-12-06 17:19:16 | 00,000,425 | ---- | M] () – C:\Documents and Settings\admin\Pulpit\Schmap for the iPhone#uid=venice&sid=activities_burano&p=314840&i=314840_127.url
[1 C:\WINDOWS\System32\drivers*.tmp files -> C:\WINDOWS\System32\drivers*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files Created - No Company Name ==========
[2009-12-26 14:09:49 | 00,767,952 | ---- | C] () – C:\WINDOWS\BDTSupport.dll
[2009-12-26 14:09:44 | 00,007,387 | ---- | C] () – C:\WINDOWS\System32\drivers\pctgntdi.cat
[2009-12-26 14:09:41 | 00,007,412 | ---- | C] () – C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2009-12-26 14:09:41 | 00,007,383 | ---- | C] () – C:\WINDOWS\System32\drivers\pctcore.cat
[2009-12-26 14:09:33 | 00,007,383 | ---- | C] () – C:\WINDOWS\System32\drivers\pctplsg.cat
[2009-12-26 13:35:50 | 01,152,444 | ---- | C] () – C:\WINDOWS\UDB.zip
[2009-12-26 13:35:50 | 00,000,883 | ---- | C] () – C:\WINDOWS\RegSDImport.xml
[2009-12-26 13:35:50 | 00,000,880 | ---- | C] () – C:\WINDOWS\RegISSImport.xml
[2009-12-26 13:35:50 | 00,000,131 | ---- | C] () – C:\WINDOWS\IDB.zip
[2009-12-18 17:25:23 | 20,300,4143 | ---- | C] () – C:\Documents and Settings\admin\Pulpit\3 - Gdy w Gorzowie Pan Rodzi sie - teledysk - wersja HD.mov
[2009-12-06 17:19:15 | 00,000,425 | ---- | C] () – C:\Documents and Settings\admin\Pulpit\Schmap for the iPhone#uid=venice&sid=activities_burano&p=314840&i=314840_127.url
[2009-10-30 20:24:57 | 00,001,755 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2009-10-19 19:35:20 | 00,000,404 | ---- | C] () – C:\WINDOWS\BRWMARK.INI
[2009-10-19 19:35:20 | 00,000,027 | ---- | C] () – C:\WINDOWS\BRPP2KA.INI
[2009-10-07 13:06:08 | 00,290,816 | ---- | C] () – C:\WINDOWS\System32\nvaux32.dll
[2009-06-06 16:04:24 | 00,006,148 | -H-- | C] () – C:\Program Files.DS_Store
[2009-04-05 16:10:27 | 00,000,021 | ---- | C] () – C:\WINDOWS\pit2007.ini
[2009-04-05 16:10:26 | 00,000,079 | ---- | C] () – C:\WINDOWS\pit2008.ini
[2008-01-17 11:43:22 | 00,000,130 | ---- | C] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2007-10-29 11:30:13 | 00,685,816 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys
[2007-10-29 11:27:36 | 00,001,189 | ---- | C] () – C:\WINDOWS\wincmd.ini
[2006-11-21 13:32:12 | 00,000,000 | ---- | C] () – C:\Documents and Settings\admin\Dane aplikacji\dm.ini
[2006-11-21 13:32:11 | 00,001,557 | ---- | C] () – C:\Documents and Settings\admin\Dane aplikacji\AdobeDLM.log
[2006-11-14 15:02:26 | 00,003,677 | ---- | C] () – C:\WINDOWS\PlaySnd.INI
[2006-10-16 21:21:41 | 00,001,162 | ---- | C] () – C:\WINDOWS\bestplayer.ini
[2006-10-16 20:57:41 | 00,290,183 | ---- | C] () – C:\Program Files\bestplayer1.0.zip
[2006-10-16 20:46:54 | 00,008,704 | ---- | C] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-10-05 20:34:43 | 00,000,017 | ---- | C] () – C:\WINDOWS\Missing.ini
[2006-07-27 20:05:55 | 00,000,002 | ---- | C] () – C:\WINDOWS\PhotoSuite.ini
[2006-07-27 20:05:51 | 00,332,800 | ---- | C] () – C:\WINDOWS\System32\FPXLIB.DLL
[2006-07-27 20:05:51 | 00,122,880 | ---- | C] () – C:\WINDOWS\System32\JPEGLIB.DLL
[2006-07-27 20:05:51 | 00,122,880 | ---- | C] () – C:\WINDOWS\System32\EnrouteStitch.dll
[2006-07-11 17:01:07 | 00,000,222 | ---- | C] () – C:\WINDOWS\VOGEL.INI
[2006-07-11 10:01:39 | 00,000,116 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2006-06-06 17:51:13 | 00,006,272 | ---- | C] () – C:\WINDOWS\System32\drivers\ASLM75.SYS
[2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56spn.dll
[2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56itl.dll
[2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56eng.dll
[2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56brz.dll
[2006-06-06 17:49:07 | 00,061,440 | R— | C] () – C:\WINDOWS\sm56ger.dll
[2006-06-06 17:49:07 | 00,061,440 | R— | C] () – C:\WINDOWS\sm56fra.dll
[2006-06-06 17:49:07 | 00,053,248 | R— | C] () – C:\WINDOWS\sm56jpn.dll
[2006-06-06 17:49:07 | 00,049,152 | R— | C] () – C:\WINDOWS\sm56cht.dll
[2006-06-06 17:49:07 | 00,049,152 | R— | C] () – C:\WINDOWS\sm56chs.dll
[2006-06-06 17:37:46 | 00,135,168 | R— | C] () – C:\WINDOWS\System32\RtlCPAPI.dll
[2006-06-06 17:14:02 | 00,020,491 | -H-- | C] () – C:\WINDOWS\System32\MFC421.dll
[2006-06-06 17:14:02 | 00,020,491 | ---- | C] () – C:\WINDOWS\System32\MFC421D.dll
[2006-06-06 11:54:27 | 00,000,061 | ---- | C] () – C:\WINDOWS\smscfg.ini
[2006-04-18 23:30:58 | 03,596,288 | ---- | C] () – C:\WINDOWS\System32\qt-dx331.dll
[2006-02-25 14:12:34 | 00,180,224 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll
[2006-02-25 14:09:38 | 00,774,144 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2006-01-02 21:16:32 | 00,000,010 | ---- | C] () – C:\WINDOWS\System32\ABLKSR.ini
[2005-02-17 10:07:48 | 00,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004-11-24 07:38:18 | 00,007,424 | ---- | C] () – C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004-11-24 07:38:18 | 00,002,538 | ---- | C] () – C:\WINDOWS\System32\OEMINFO.INI
[2004-10-11 11:19:00 | 00,092,672 | ---- | C] () – C:\WINDOWS\System32\ASUSASV2.DLL
[2004-09-16 13:26:40 | 00,012,634 | ---- | C] () – C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004-09-16 13:26:40 | 00,012,634 | ---- | C] () – C:\WINDOWS\ADFUUD.SYS
[2004-07-08 13:34:58 | 00,077,824 | ---- | C] () – C:\WINDOWS\System32\vorbisfile.dll
[2004-07-08 13:34:56 | 01,015,808 | ---- | C] () – C:\WINDOWS\System32\vorbisenc.dll
[2004-07-08 13:34:52 | 01,200,128 | ---- | C] () – C:\WINDOWS\System32\vorbis.dll
[2004-07-08 13:32:40 | 00,049,152 | ---- | C] () – C:\WINDOWS\System32\ogg.dll
========== Custom Scans ==========
< %systemdrive%*.* >
[2003-02-19 16:28:10 | 00,000,037 | ---- | M] () – C:\Store.LOG
[2007-01-05 16:33:50 | 00,005,868 | ---- | M] () – C:\Adobe.Photoshop.Elements.v5.0.Repack.ZWTiSO.www!OsIoLeK!com.nfo
[2009-01-31 19:25:40 | 00,000,077 | ---- | M] () – C:\moj_plik.ini
[2006-04-11 02:53:46 | 00,524,288 | RH-- | M] () – C:\A6Rp.BIN
[2006-05-04 02:36:14 | 00,000,009 | R— | M] () – C:\A6Rp.10
[2005-06-27 04:32:26 | 00,000,010 | ---- | M] () – C:\NIS_ENG.LOG
[2004-11-04 08:57:16 | 00,000,014 | ---- | M] () – C:\NERO.LOG
[2005-09-21 07:19:42 | 00,000,035 | ---- | M] () – C:\ASUSDVD.LOG
[2009-12-26 14:46:04 | 60,397,9776 | -HS- | M] () – C:\pagefile.sys
[2004-08-04 13:00:00 | 00,004,952 | RHS- | M] () – C:\Bootfont.bin
[2004-08-04 13:00:00 | 00,250,624 | RHS- | M] () – C:\ntldr
[2004-08-04 13:00:00 | 00,047,564 | RHS- | M] () – C:\NTDETECT.COM
[2004-11-23 16:25:10 | 00,000,014 | ---- | M] () – C:\XPHL_SP2.POL
[2009-06-01 15:25:44 | 00,000,002 | ---- | M] () – C:\example.txt
[2008-01-17 12:05:42 | 00,000,211 | RHS- | M] () – C:\boot.ini
[2006-06-06 17:20:22 | 00,000,000 | ---- | M] () – C:\CONFIG.SYS
[2006-06-06 17:20:22 | 00,000,000 | ---- | M] () – C:\AUTOEXEC.BAT
[2006-06-06 17:20:22 | 00,000,000 | RHS- | M] () – C:\IO.SYS
[2006-06-06 17:20:22 | 00,000,000 | RHS- | M] () – C:\MSDOS.SYS
[2009-06-06 16:09:26 | 00,015,364 | -H-- | M] () – C:.DS_Store
[2006-06-06 17:37:52 | 00,000,499 | ---- | M] () – C:\RHDSetup.log
[2006-06-06 17:41:42 | 00,000,086 | ---- | M] () – C:\setup.log
[2006-06-06 17:54:10 | 00,000,009 | ---- | M] () – C:\Finish.log
[2006-06-06 17:54:10 | 00,011,166 | ---- | M] () – C:\devlist.txt
[2009-12-26 14:46:06 | 93,892,1984 | -HS- | M] () – C:\hiberfil.sys
[2006-08-26 17:16:02 | 00,000,170 | ---- | M] () – C:\ASWL2K.ini
[2007-10-29 11:27:02 | 02,155,208 | ---- | M] (C. Ghisler & Co.) – C:\tcmd702a.exe
[2007-10-29 11:29:48 | 01,902,536 | ---- | M] (DT Soft Ltd.) – C:\daemon410-x86.exe
< End of report >
– Dodane 26.12.2009 (So) 18:43 –
OTL Extras logfile created on: 2009-12-26 18:38:57 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
895,00 Mb Total Physical Memory | 223,00 Mb Available Physical Memory | 25,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 44,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,64 Gb Total Space | 4,57 Gb Free Space | 10,47% Space Free | Partition Type: FAT32
Drive D: | 29,00 Gb Total Space | 28,96 Gb Free Space | 99,87% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TWOJA-96B0DFBED
Current User Name: admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes]
.html [@ = htmlfile] – C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\shell[command]\command]
batfile [open] – “%1” %*
cmdfile [open] – “%1” %*
comfile [open] – “%1” %*
exefile [open] – “%1” %*
htmlfile [edit] – Reg Error: Key error.
htmlfile [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” -nohome (Microsoft Corporation)
htmlfile [opennew] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
http [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” -nohome (Microsoft Corporation)
https [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” -nohome (Microsoft Corporation)
piffile [open] – “%1” %*
regfile [merge] – Reg Error: Key error.
scrfile [config] – “%1”
scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] – “%1” /S
txtfile [edit] – Reg Error: Key error.
Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] – %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] – %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – “C:\Program Files\Internet Explorer\iexplore.exe” (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“FirstRunDisabled” = 1
“AntiVirusDisableNotify” = 0
“FirewallDisableNotify” = 0
“UpdatesDisableNotify” = 0
“AntiVirusOverride” = 1
“FirewallOverride” = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
“139:TCP” = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
“445:TCP” = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
“137:UDP” = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
“138:UDP” = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
“1900:UDP” = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
“2869:TCP” = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 1
“DoNotAllowExceptions” = 1
“DisableNotifications” = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
“139:TCP” = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
“445:TCP” = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
“137:UDP” = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
“138:UDP” = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
“1900:UDP” = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
“2869:TCP” = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
“27015:UDP” = 27015:UDP:*:Enabled:hlds
“27019:UDP” = 27019:UDP:*:Enabled:hlds
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\Program Files\Gadu-Gadu\GG.EXE” = C:\Program Files\Gadu-Gadu\GG.EXE:*:Enabled:Gadu-Gadu - program glowny – (Gadu-Gadu S.A.)
“C:\Program Files\eMule\emule.exe” = C:\Program Files\eMule\emule.exe:*:Enabled:eMule – (http://www.emule-project.net)
“C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe” = C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1 – (Sony Creative Software Inc.)
“C:\Program Files\Sony Ericsson\Update Service\Update Service.exe” = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service – ()
“C:\Program Files\BITia\metin2.bin” = C:\Program Files\BITia\metin2.bin:*:Enabled:metin2 – File not found
“G:\metin2.bin” = G:\metin2.bin:*:Enabled:metin2 – File not found
“C:\Program Files\Sony Ericsson\CS\hl.exe” = C:\Program Files\Sony Ericsson\CS\hl.exe:*:Enabled:Half-Life Launcher – (Valve)
“C:\Program Files\Sony Ericsson\CS\hlds.exe” = C:\Program Files\Sony Ericsson\CS\hlds.exe:*:Enabled:hlds – (Valve)
“C:\Program Files\Spyware Doctor\pctsGui.exe” = C:\Program Files\Spyware Doctor\pctsGui.exe:*:Enabled:Spyware Doctor – (PC Tools)
“C:\Program Files\Spyware Doctor\pctsSvc.exe” = C:\Program Files\Spyware Doctor\pctsSvc.exe:*:Enabled:pctsSvc – (PC Tools)
“C:\Program Files\Skype\Phone\Skype.exe” = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype – ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{0096A731-71DB-4969-AF1A-651698B246A5}” = Sony Ericsson Media Manager 1.1
“{0BEDBD4E-2D34-47B5-9973-57E62B29307C}” = Panel sterowania ATI
“{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
“{236BB7C4-4419-42FD-0409-1E257A25E34D}” = Adobe Photoshop CS2
“{2D43FD89-B225-4334-B4AA-0983400BE61B}” = Windows Presentation Foundation Language Pack (PLK)
“{3248F0A8-6813-11D6-A77B-00B0D0150100}” = J2SE Runtime Environment 5.0 Update 10
“{3248F0A8-6813-11D6-A77B-00B0D0160030}” = Java 6 Update 3
“{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}” = WebFldrs XP
“{4462AD13-F2AA-4CBD-9F95-293C38EED870}” = Power4 Gear
“{495998C4-FC8A-4302-82E0-53DE4D7A8F56}” = Windows Communication Foundation Language Pack - PLK
“{5AF71003-1797-4D93-9F37-4F2125CBF539}” = Microsoft .NET Framework 2.0 Language Pack - PLK
“{5B09BD67-4C99-46A1-8161-B7208CE18121}” = QuickTime
“{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}” = MP3 Player Utilities
“{64CB2553-C109-4132-AA51-1F421B515FD1}” = Microsoft .NET Framework 1.1 Polish Language Pack
“{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}” = ASUSDVD
“{686BB230-DE5B-44F4-8DB0-4F9BEE7310F7}” = OpenOffice.org 2.0
“{691B06EC-F84C-4103-B4D4-3FC5BC4941E9}” = OLYMPUS muvee theaterPack
“{716E0306-8318-4364-8B8F-0CC4E9376BAC}” = MSXML 4.0 SP2 Parser and SDK
“{71FF9607-1710-45D6-95AD-D4A27272DAD3}” = ASUS World Clock
“{7299052b-02a4-4627-81f2-1818da5d550d}” = Microsoft Visual C++ 2005 Redistributable
“{786C5747-1033-0000-B58E-000000000001}” = Adobe Stock Photos 1.0
“{7A529246-912F-4C40-A82A-E608DB702FD7}” = ASUS VideoSecurity Online
“{83F73CB1-7705-49D1-9852-84D839CA2A45}” = Wireless Console 2
“{8EDBA74D-0686-4C99-BFDD-F894678E5B39}” = Adobe Common File Installer
“{8F722FA9-B994-4C9B-B292-FD32D6206EDF}” = ASUS WLAN Card Utilities/Driver
“{97962A80-BEA5-4B97-B424-1693E1816281}” = MioMap v3 Updater
“{9D6D7811-43B3-463C-BC79-5D1755269989}” = Net4Switch
“{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}” = Microsoft .NET Framework 3.0 Service Pack 2
“{A87869D7-B133-498C-A347-D9BE109FF6C8}” = USB2.0 1.3M Web Cam
“{AC76BA86-7AD7-1033-7B44-A70000000000}” = Adobe Reader 7.0
“{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}” = REALTEK GbE & FE Ethernet NIC Driver
“{B74D4E10-1033-0000-0000-000000000001}” = Adobe Bridge 1.0
“{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}” = Apple Software Update
“{BAF78226-3200-4DB4-BE33-4D922A799840}” = Windows Presentation Foundation
“{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}” = Microsoft .NET Framework 2.0 Service Pack 2
“{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}” = Microsoft .NET Framework 1.1
“{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}” = Microsoft .NET Framework 3.5 SP1
“{DB76863D-D4D9-4AB3-AFDC-26717BA1E11C}” = Windows Workflow Foundation PL Language Pack
“{DE10AB76-4756-4913-BE25-55D1C1051F9A}” = WinFlash
“{E9787678-1033-0000-8E67-000000000001}” = Adobe Help Center 1.0
“{F0FC1E09-AF67-47BC-9E61-90ECFEB4CE82}” = OLYMPUS Master 2
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{FD593DE6-C3A0-4722-8E86-9DEEF0A93290}” = Microsoft .NET Framework 3.0 Polish Language Pack
“Adobe Flash Player ActiveX” = Adobe Flash Player 10 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 10 Plugin
“Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}” = Adobe Photoshop CS2
“Adobe Shockwave Player” = Adobe Shockwave Player
“AdobeESD” = Adobe Download Manager 2.0 (Remove Only)
“ATI Display Driver” = ATI Display Driver
“Browser Defender_is1” = Browser Defender 2.0.6.11
“Codec_is1” = Codec 8.0
“CS16 Full v32.1 Non-Steam” = CS16 Full v32.1 Non-Steam
“Deluxe Ski Jump 3_is1” = Deluxe Ski Jump 3 v1.6.1
“eMule” = eMule
“Gadu-Gadu” = Gadu-Gadu 7.6
“HControl” = ATK0100 ACPI UTILITY
“IDNMitigationAPIs” = Microsoft Internationalized Domain Names Mitigation APIs
“ie7” = Windows Internet Explorer 7
“InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}” = ASUS VideoSecurity Online
“MGI_PRISM_V3_0” = MGI PhotoSuite III SE (Remove Only)
“Microsoft .NET Framework 1.1 (1033)” = Microsoft .NET Framework 1.1
“Microsoft .NET Framework 2.0 Language Pack - PLK” = Microsoft .NET Framework 2.0 — pakiet języka polskiego
“Microsoft .NET Framework 3.0 Polish Language Pack” = Pakiet języka polskiego dla systemu Microsoft .NET Framework 3.0
“Microsoft .NET Framework 3.5 SP1” = Microsoft .NET Framework 3.5 SP1
“MSCompPackV1” = Microsoft Compression Client Pack 1.0 for Windows XP
“Neat Image_is1” = Neat Image v5 Demo
“Nero - Burning Rom!UninstallKey” = Nero OEM
“NLSDownlevelMapping” = Microsoft National Language Support Downlevel APIs
“Program Pit 2008 - rozliczenie roczne podatku dochodowego_is1” = Program Pit 2008 - wersja 2.0.0.15
“Ski Jump International” = Ski Jump International 3.11 Shareware
“Skype_is1” = Skype 2.5
“SMSERIAL” = Motorola SM56 Data Fax Modem
“Spyware Doctor” = Spyware Doctor 7.0
“SynTPDeinstKey” = Synaptics Pointing Device Driver
“TC PowerPack” = TC PowerPack 1.7
“Tibia Auto” = NSIS Example2
“Totalcmd” = Total Commander (Remove or Repair)
“Uninstall_is1” = Uninstall 1.0.0.1
“Update Service” = Update Service
“WIC” = Windows Imaging Component
“Windows Media Format Runtime” = Windows Media Format 11 runtime
“Windows Media Player” = Windows Media Player 11
“WinRAR archiver” = Archiwizator WinRAR
“WMFDist11” = Windows Media Format 11 runtime
“wmp11” = Windows Media Player 11
“Wudf01000” = Microsoft User-Mode Driver Framework Feature Pack 1.0
“XpsEPSC” = XML Paper Specification Shared Components Pack 1.0
“XPSEPSCLP” = XML Paper Specification Shared Components Language Pack 1.0
========== Last 10 Event Log Errors ==========
[Application Events]
Error - 2009-12-26 08:40:12 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:40:16 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:40:46 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:42:14 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:42:38 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:42:40 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:42:43 | Computer Name = TWOJA-96B0DFBED | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca iexplore.exe, wersja 7.0.6000.16945, moduł
zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.
Error - 2009-12-26 08:58:28 | Computer Name = TWOJA-96B0DFBED | Source = NativeWrapper | ID = 5000
Description =
Error - 2009-12-26 08:58:32 | Computer Name = TWOJA-96B0DFBED | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb963707,
P2 1045, P3 1601, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
Error - 2009-12-26 08:58:41 | Computer Name = TWOJA-96B0DFBED | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417,
P2 1045, P3 1601, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10
[System Events]
Error - 2009-12-26 08:58:34 | Computer Name = TWOJA-96B0DFBED | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Instalator Windows z powodu następującego
błędu: %%3
Error - 2009-12-26 08:58:38 | Computer Name = TWOJA-96B0DFBED | Source = Windows Update Agent | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja programu
.NET Framework 3.5 z dodatkiem Service Pack 1 dla rozszerzenia .NET Framework Assistant
1.0 x86 (KB963707).
Error - 2009-12-26 08:58:38 | Computer Name = TWOJA-96B0DFBED | Source = Windows Update Agent | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja dla programu
Microsoft XML Core Services 6.0 z dodatkiem Service Pack 2 (KB973686).
Error - 2009-12-26 08:58:41 | Computer Name = TWOJA-96B0DFBED | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%3” podczas próby uruchomienia usługi MSIServer
z argumentami „” w celu uruchomienia serwera: {000C101C-0000-0000-C000-000000000046}
Error - 2009-12-26 08:58:41 | Computer Name = TWOJA-96B0DFBED | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Instalator Windows z powodu następującego
błędu: %%3
Error - 2009-12-26 08:58:47 | Computer Name = TWOJA-96B0DFBED | Source = Windows Update Agent | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja zabezpieczeń
programu Microsoft .NET Framework 2.0 z dodatkiem SP2 w systemach Windows 2000,
Windows Server 2003 i Windows XP (KB974417).
Error - 2009-12-26 09:09:40 | Computer Name = TWOJA-96B0DFBED | Source = DCOM | ID = 10005
Description = Model DCOM odebrał błąd „%3” podczas próby uruchomienia usługi MSIServer
z argumentami „” w celu uruchomienia serwera: {000C101C-0000-0000-C000-000000000046}
Error - 2009-12-26 09:09:40 | Computer Name = TWOJA-96B0DFBED | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Instalator Windows z powodu następującego
błędu: %%3
Error - 2009-12-26 11:24:50 | Computer Name = TWOJA-96B0DFBED | Source = Service Control Manager | ID = 7034
Description = Usługa Browser Defender Update Service niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.
Error - 2009-12-26 11:27:15 | Computer Name = TWOJA-96B0DFBED | Source = Service Control Manager | ID = 7034
Description = Usługa Ati HotKey Poller niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1.
< End of report >
– Dodane 26.12.2009 (So) 19:00 –
sorry, przez przypadek wysłałem ci 2 raporty, Otl i Extras. Proszę pomóż szybko.
Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052
Uruchom OTL i w oknie Custom Scans/Fixes wklej to:
Kliknij w Run Fix. Zatwierdź restart komputera.
Następnie uruchom OTL ponownie, tym razem wywołaj opcję Run Scan.
Pokaż nowy log OTL.txt oraz log z czyszczenia.
OTL logfile created on: 2009-12-26 20:24:47 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\admin\Pulpit
Windows XP Home Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
895,00 Mb Total Physical Memory | 480,00 Mb Available Physical Memory | 54,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,64 Gb Total Space | 5,58 Gb Free Space | 12,79% Space Free | Partition Type: FAT32
Drive D: | 29,00 Gb Total Space | 28,96 Gb Free Space | 99,87% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TWOJA-96B0DFBED
Current User Name: admin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (All) ==========
PRC - [2009-12-26 20:23:48 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
PRC - [2009-11-18 12:47:14 | 01,243,088 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009-11-10 10:28:08 | 00,112,592 | ---- | M] (Threat Expert Ltd.) – C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009-11-06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009-10-30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009-10-28 07:54:16 | 00,634,632 | ---- | M] (Microsoft Corporation) – C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009-08-06 19:24:06 | 00,053,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-02-09 12:10:46 | 00,111,104 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\services.exe
PRC - [2009-02-06 18:39:30 | 00,227,840 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2007-10-19 20:16:26 | 00,286,720 | ---- | M] (Apple Inc.) – C:\Program Files\QuickTime\QTTask.exe
PRC - [2007-09-25 01:11:36 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007-06-13 14:23:50 | 01,034,752 | ---- | M] (Microsoft Corporation) – c:\WINDOWS\explorer.exe
PRC - [2007-05-31 17:20:42 | 00,068,856 | ---- | M] (Google Inc.) – C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006-03-14 17:46:00 | 00,090,112 | ---- | M] (ASUSTeK Computer Inc.) – C:\Program Files\Asus\Power4 Gear\BatteryLife.exe
PRC - [2006-03-08 09:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) – C:\WINDOWS\system32\ati2evxx.exe
PRC - [2006-02-22 23:40:40 | 00,106,496 | ---- | M] () – C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006-02-21 02:25:58 | 02,170,880 | ---- | M] () – C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2005-06-11 01:53:32 | 00,057,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\spoolsv.exe
PRC - [2005-02-17 07:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) – C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004-12-14 04:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2004-08-04 13:00:00 | 00,504,832 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winlogon.exe
PRC - [2004-08-04 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\smss.exe
PRC - [2004-08-04 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\alg.exe
PRC - [2004-08-04 13:00:00 | 00,015,360 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ctfmon.exe
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [imgSVC]
PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004-08-04 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\lsass.exe
PRC - [2004-08-04 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\csrss.exe
========== Modules (All) ==========
MOD - [2009-12-26 20:23:48 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
MOD - [2009-10-30 11:18:16 | 00,147,024 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\PCTGMhk.dll
MOD - [2009-10-07 13:06:10 | 00,579,072 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\user32.DLL
MOD - [2009-09-09 22:54:58 | 00,155,184 | ---- | M] (PC Tools) – C:\Program Files\Spyware Doctor\smum32.dll
MOD - [2009-06-25 10:48:08 | 00,056,320 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\secur32.dll
MOD - [2009-04-15 17:18:20 | 00,584,192 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\RPCRT4.DLL
MOD - [2009-03-21 16:21:24 | 01,014,784 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-09 12:22:08 | 00,686,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\advapi32.dll
MOD - [2009-02-09 12:22:06 | 00,722,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ntdll.dll
MOD - [2008-10-23 14:01:38 | 00,283,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\gdi32.dll
MOD - [2008-07-03 14:03:38 | 08,489,472 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shell32.dll
MOD - [2008-02-26 14:01:52 | 00,294,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msctf.dll
MOD - [2007-12-04 19:42:02 | 00,550,912 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\oleaut32.dll
MOD - [2007-10-11 07:11:00 | 00,474,112 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\shlwapi.dll
MOD - [2006-08-25 16:51:14 | 01,054,208 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005-07-26 06:42:36 | 01,284,608 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\ole32.dll
MOD - [2004-08-04 13:00:00 | 00,996,352 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\setupapi.dll
MOD - [2004-08-04 13:00:00 | 00,729,088 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\userenv.dll
MOD - [2004-08-04 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\msvcrt.dll
MOD - [2004-08-04 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\uxtheme.dll
MOD - [2004-08-04 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004-08-04 13:00:00 | 00,177,152 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2004-08-04 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\winspool.drv
MOD - [2004-08-04 13:00:00 | 00,126,976 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\apphelp.dll
MOD - [2004-08-04 13:00:00 | 00,110,080 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\imm32.dll
MOD - [2004-08-04 13:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\olepro32.dll
MOD - [2004-08-04 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\srclient.dll
MOD - [2004-08-04 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\psapi.dll
MOD - [2004-08-04 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) – C:\WINDOWS\system32\version.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] – -- (MSIServer)
SRV - File not found [Auto | Stopped] – -- (clr_optimization_v2.0.50727_32)
SRV - [2009-11-10 10:28:08 | 00,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] – C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe – (Browser Defender Update Service)
SRV - [2009-11-06 14:29:22 | 01,141,712 | ---- | M] (PC Tools) [Auto | Running] – C:\Program Files\Spyware Doctor\pctsSvc.exe – (sdCoreService)
SRV - [2009-10-30 11:18:16 | 00,359,624 | ---- | M] (PC Tools) [Auto | Running] – C:\Program Files\Spyware Doctor\pctsAuxs.exe – (sdAuxService)
SRV - [2009-02-20 22:03:30 | 00,137,200 | ---- | M] (Google) [On_Demand | Stopped] – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe – (gusvc)
SRV - [2007-10-29 12:00:30 | 00,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] – C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe – (Adobe LM Service)
SRV - [2006-03-08 09:42:00 | 00,405,504 | ---- | M] (ATI Technologies Inc.) [Auto | Running] – C:\WINDOWS\system32\ati2evxx.exe – (Ati HotKey Poller)
SRV - [2004-08-04 00:44:02 | 00,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] – C:\WINDOWS\system32\irmon.dll – (Irmon)
========== Driver Services (SafeList) ==========
DRV - [2009-11-09 11:20:12 | 00,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] – C:\WINDOWS\system32\drivers\PCTCore.sys – (PCTCore)
DRV - [2009-10-17 08:16:14 | 00,021,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] – C:\WINDOWS\system32\drivers\dup.sys – (Dup)
DRV - [2007-11-13 11:25:56 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\secdrv.sys – (Secdrv)
DRV - [2007-10-29 11:30:14 | 00,685,816 | ---- | M] () [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\sptd.sys – (sptd)
DRV - [2006-07-24 03:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\WINDOWS\System32\Drivers\PxHelp20.sys – (PxHelp20)
DRV - [2006-06-06 17:51:36 | 00,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] – C:\WINDOWS\system32\drivers\mdc8021x.sys – (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2006-05-04 04:13:52 | 04,271,616 | R— | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\RtkHDAud.Sys – (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-03-08 09:49:20 | 01,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ati2mtag.sys – (ati2mtag)
DRV - [2006-01-24 10:45:56 | 00,034,944 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\ipswuio.sys – (ipswuio)
DRV - [2006-01-19 23:44:42 | 00,862,340 | R— | M] (Motorola Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\smserial.sys – (smserial)
DRV - [2006-01-18 05:41:58 | 00,080,512 | R— | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Rtnicxp.sys – (RTL8023xp)
DRV - [2005-10-21 02:13:08 | 00,191,936 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynTP.sys – (SynTP)
DRV - [2005-10-03 10:26:36 | 00,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynMini.sys – (SynMini)
DRV - [2005-10-03 10:26:14 | 00,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\SynScan.sys – (SynScan)
DRV - [2005-07-14 12:14:34 | 00,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] – C:\WINDOWS\system32\DRIVERS\risdptsk.sys – (risdptsk)
DRV - [2005-07-12 19:00:30 | 00,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\rimsptsk.sys – (rimsptsk)
DRV - [2005-02-17 10:07:48 | 00,005,632 | ---- | M] () [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ATKACPI.sys – (MTsensor)
DRV - [2005-02-11 21:46:22 | 00,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\BCMWL5.SYS – (BCM43XX)
DRV - [2005-01-07 17:07:18 | 00,138,752 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\Hdaudbus.sys – (HDAudBus)
DRV - [2004-10-15 12:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\BrScnUsb.sys – (BrScnUsb)
DRV - [2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\ptilink.sys – (Ptilink)
DRV - [2004-08-04 00:37:04 | 00,031,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\wceusbsh.sys – (wceusbsh)
DRV - [2004-08-03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] – C:\WINDOWS\system32\drivers\RTL8139.sys – (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C)
DRV - [2002-09-09 19:54:06 | 00,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\ASNDIS5.sys – (ASNDIS5)
DRV - [2001-08-17 21:51:32 | 00,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\WINDOWS\system32\drivers\irsir.sys – (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” =
O1 HOSTS File: (742 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM…\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU…\Toolbar\ShellBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll File not found
O3 - HKCU…\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll File not found
O3 - HKCU…\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM…\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM…\Run: [iSTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM…\Run: [iSUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM…\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM…\Run: [mswinlogon] C:\WINDOWS\mscsrss.exe File not found
O4 - HKLM…\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM…\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU…\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU…\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU…\Run: [skype] C:\Program Files\Skype\Phone\Skype.exe ()
O4 - HKCU…\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU…\Run: [Windows Updates] c:\windows\system\Update.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\admin\Menu Start\Programy\Autostart\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra ‘Tools’ menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O15 - HKLM…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU…Trusted Domains: margonem.pl ([]http in Zaufane witryny)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl … rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta … s-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.228.6.21
O20 - HKLM Winlogon: Shell - (c:\windows\explorer.exe) - c:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-06-06 17:20:22 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT – [FAT32]
O33 - MountPoints2{5d822190-e5f1-11db-ae86-00173194b13a}\Shell - “” = AutoRun
O33 - MountPoints2{905fc114-3c91-11de-b488-00173194b13a}\Shell - “” = AutoRun
O33 - MountPoints2{905fc115-3c91-11de-b488-00173194b13a}\Shell - “” = AutoRun
O33 - MountPoints2{dda2e318-62bc-11db-acce-00173194b13a}\Shell - “” = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] – “%1” %*
O35 - exefile [open] – “%1” %*
========== Files/Folders - Created Within 30 Days ==========
[2009-12-26 20:24:32 | 00,513,536 | ---- | C] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
[2009-12-26 20:14:32 | 00,000,000 | —D | C] – C:_OTL
[2009-12-26 14:13:17 | 00,000,000 | —D | C] – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Threat Expert
[2009-12-26 14:09:49 | 01,640,400 | ---- | C] (Threat Expert Ltd.) – C:\WINDOWS\PCTBDCore.dll
[2009-12-26 14:09:49 | 00,165,840 | ---- | C] (Threat Expert Ltd.) – C:\WINDOWS\PCTBDRes.dll
[2009-12-26 14:09:49 | 00,149,456 | ---- | C] (PC Tools) – C:\WINDOWS\SGDetectionTool.dll
[2009-12-26 13:55:25 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\PC Tools
[2009-12-26 13:55:25 | 00,000,000 | —D | C] – C:\Documents and Settings\admin\Dane aplikacji\PC Tools
[2009-12-26 13:55:23 | 00,000,000 | —D | C] – C:\Program Files\Spyware Doctor
[2009-12-26 13:55:23 | 00,000,000 | —D | C] – C:\Program Files\Common Files\PC Tools
[2009-12-26 13:47:54 | 00,000,000 | -HSD | C] – C:\FOUND.008
[2009-12-26 13:35:16 | 00,000,000 | —D | C] – C:\Program Files\Common Files\PC Tools(2)
[2009-12-25 19:37:56 | 00,579,072 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\stevg
[2009-12-24 17:19:42 | 00,000,000 | -HSD | C] – C:\FOUND.007
[2009-11-28 11:53:32 | 00,000,000 | —D | C] – C:\Documents and Settings\admin\Dane aplikacji\Gadu-Gadu 10
[2006-06-06 17:24:12 | 00,000,000 | —D | M] – C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-06-06 17:24:10 | 00,000,000 | —D | M] – C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft
[2006-06-06 17:13:40 | 00,000,000 | --SD | M] – C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft
[2006-06-06 17:13:40 | 00,000,000 | --SD | M] – C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft
[1 C:\WINDOWS\System32\drivers*.tmp files -> C:\WINDOWS\System32\drivers*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files - Modified Within 30 Days ==========
[2009-12-26 20:23:48 | 00,513,536 | ---- | M] (OldTimer Tools) – C:\Documents and Settings\admin\Pulpit\OTL.exe
[2009-12-26 20:22:20 | 00,000,246 | ---- | M] () – C:\WINDOWS\System32\drivers\atmapi.sys
[2009-12-26 20:19:22 | 00,000,006 | -H-- | M] () – C:\WINDOWS\tasks\SA.DAT
[2009-12-26 20:19:18 | 00,002,048 | --S- | M] () – C:\WINDOWS\bootstat.dat
[2009-12-26 20:19:14 | 93,892,1984 | -HS- | M] () – C:\hiberfil.sys
[2009-12-26 20:19:14 | 00,145,216 | ---- | M] () – C:\WINDOWS\System32\FNTCACHE.DAT
[2009-12-26 14:45:24 | 05,242,880 | ---- | M] () – C:\Documents and Settings\admin\ntuser.dat
[2009-12-26 14:45:16 | 00,000,188 | -HS- | M] () – C:\Documents and Settings\admin\ntuser.ini
[2009-12-26 14:45:10 | 04,836,966 | -H-- | M] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\IconCache.db
[2009-12-26 13:56:36 | 00,001,158 | ---- | M] () – C:\WINDOWS\System32\wpa.dbl
[2009-12-26 10:22:40 | 00,032,768 | ---- | M] () – C:\WINDOWS\System32\zred.pa
[2009-12-26 10:22:40 | 00,024,576 | ---- | M] () – C:\WINDOWS\System32\4rr.pa
[2009-12-26 10:22:38 | 00,065,024 | ---- | M] () – C:\WINDOWS\System32\2rg3.es
[2009-12-26 10:22:38 | 00,064,512 | ---- | M] () – C:\WINDOWS\System32\ef3p.ee
[2009-12-26 10:22:38 | 00,021,504 | ---- | M] () – C:\WINDOWS\System32\gr1.e
[2009-12-20 10:29:08 | 00,032,768 | ---- | M] () – C:\WINDOWS\System32\fks.as
[2009-12-18 17:31:54 | 00,008,704 | ---- | M] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-18 17:18:06 | 00,054,156 | -H-- | M] () – C:\WINDOWS\QTFont.qfn
[2009-12-15 11:42:00 | 20,300,4143 | ---- | M] () – C:\Documents and Settings\admin\Pulpit\3 - Gdy w Gorzowie Pan Rodzi sie - teledysk - wersja HD.mov
[2009-12-10 18:26:12 | 01,115,350 | ---- | M] () – C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-10 18:26:12 | 00,500,540 | ---- | M] () – C:\WINDOWS\System32\perfh015.dat
[2009-12-10 18:26:12 | 00,441,458 | ---- | M] () – C:\WINDOWS\System32\perfh009.dat
[2009-12-10 18:26:12 | 00,089,036 | ---- | M] () – C:\WINDOWS\System32\perfc015.dat
[2009-12-10 18:26:12 | 00,071,394 | ---- | M] () – C:\WINDOWS\System32\perfc009.dat
[2009-12-10 14:35:30 | 00,001,393 | ---- | M] () – C:\WINDOWS\imsins.BAK
[2009-12-07 03:21:02 | 00,000,883 | ---- | M] () – C:\WINDOWS\RegSDImport.xml
[2009-12-06 17:19:16 | 00,000,425 | ---- | M] () – C:\Documents and Settings\admin\Pulpit\Schmap for the iPhone#uid=venice&sid=activities_burano&p=314840&i=314840_127.url
[1 C:\WINDOWS\System32\drivers*.tmp files -> C:\WINDOWS\System32\drivers*.tmp ->]
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
========== Files Created - No Company Name ==========
[2009-12-26 20:22:19 | 00,000,246 | ---- | C] () – C:\WINDOWS\System32\drivers\atmapi.sys
[2009-12-26 14:09:49 | 00,767,952 | ---- | C] () – C:\WINDOWS\BDTSupport.dll
[2009-12-26 14:09:44 | 00,007,387 | ---- | C] () – C:\WINDOWS\System32\drivers\pctgntdi.cat
[2009-12-26 14:09:41 | 00,007,412 | ---- | C] () – C:\WINDOWS\System32\drivers\PCTAppEvent.cat
[2009-12-26 14:09:41 | 00,007,383 | ---- | C] () – C:\WINDOWS\System32\drivers\pctcore.cat
[2009-12-26 14:09:33 | 00,007,383 | ---- | C] () – C:\WINDOWS\System32\drivers\pctplsg.cat
[2009-12-26 13:35:50 | 01,152,444 | ---- | C] () – C:\WINDOWS\UDB.zip
[2009-12-26 13:35:50 | 00,000,883 | ---- | C] () – C:\WINDOWS\RegSDImport.xml
[2009-12-26 13:35:50 | 00,000,880 | ---- | C] () – C:\WINDOWS\RegISSImport.xml
[2009-12-26 13:35:50 | 00,000,131 | ---- | C] () – C:\WINDOWS\IDB.zip
[2009-12-18 17:25:23 | 20,300,4143 | ---- | C] () – C:\Documents and Settings\admin\Pulpit\3 - Gdy w Gorzowie Pan Rodzi sie - teledysk - wersja HD.mov
[2009-12-06 17:19:15 | 00,000,425 | ---- | C] () – C:\Documents and Settings\admin\Pulpit\Schmap for the iPhone#uid=venice&sid=activities_burano&p=314840&i=314840_127.url
[2009-10-30 20:24:57 | 00,001,755 | ---- | C] () – C:\Documents and Settings\All Users\Dane aplikacji\QTSBandwidthCache
[2009-10-19 19:35:20 | 00,000,404 | ---- | C] () – C:\WINDOWS\BRWMARK.INI
[2009-10-19 19:35:20 | 00,000,027 | ---- | C] () – C:\WINDOWS\BRPP2KA.INI
[2009-10-07 13:06:08 | 00,290,816 | ---- | C] () – C:\WINDOWS\System32\nvaux32.dll
[2009-06-06 16:04:24 | 00,006,148 | -H-- | C] () – C:\Program Files.DS_Store
[2009-04-05 16:10:27 | 00,000,021 | ---- | C] () – C:\WINDOWS\pit2007.ini
[2009-04-05 16:10:26 | 00,000,079 | ---- | C] () – C:\WINDOWS\pit2008.ini
[2008-01-17 11:43:22 | 00,000,130 | ---- | C] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2007-10-29 11:30:13 | 00,685,816 | ---- | C] () – C:\WINDOWS\System32\drivers\sptd.sys
[2007-10-29 11:27:36 | 00,001,189 | ---- | C] () – C:\WINDOWS\wincmd.ini
[2006-11-21 13:32:12 | 00,000,000 | ---- | C] () – C:\Documents and Settings\admin\Dane aplikacji\dm.ini
[2006-11-21 13:32:11 | 00,001,557 | ---- | C] () – C:\Documents and Settings\admin\Dane aplikacji\AdobeDLM.log
[2006-11-14 15:02:26 | 00,003,677 | ---- | C] () – C:\WINDOWS\PlaySnd.INI
[2006-10-16 21:21:41 | 00,001,162 | ---- | C] () – C:\WINDOWS\bestplayer.ini
[2006-10-16 20:57:41 | 00,290,183 | ---- | C] () – C:\Program Files\bestplayer1.0.zip
[2006-10-16 20:46:54 | 00,008,704 | ---- | C] () – C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006-10-05 20:34:43 | 00,000,017 | ---- | C] () – C:\WINDOWS\Missing.ini
[2006-07-27 20:05:55 | 00,000,002 | ---- | C] () – C:\WINDOWS\PhotoSuite.ini
[2006-07-27 20:05:51 | 00,332,800 | ---- | C] () – C:\WINDOWS\System32\FPXLIB.DLL
[2006-07-27 20:05:51 | 00,122,880 | ---- | C] () – C:\WINDOWS\System32\JPEGLIB.DLL
[2006-07-27 20:05:51 | 00,122,880 | ---- | C] () – C:\WINDOWS\System32\EnrouteStitch.dll
[2006-07-11 17:01:07 | 00,000,222 | ---- | C] () – C:\WINDOWS\VOGEL.INI
[2006-07-11 10:01:39 | 00,000,116 | ---- | C] () – C:\WINDOWS\NeroDigital.ini
[2006-06-06 17:51:13 | 00,006,272 | ---- | C] () – C:\WINDOWS\System32\drivers\ASLM75.SYS
[2006-06-06 17:37:46 | 00,135,168 | R— | C] () – C:\WINDOWS\System32\RtlCPAPI.dll
[2006-06-06 17:14:02 | 00,020,491 | -H-- | C] () – C:\WINDOWS\System32\MFC421.dll
[2006-06-06 17:14:02 | 00,020,491 | ---- | C] () – C:\WINDOWS\System32\MFC421D.dll
[2006-06-06 11:54:27 | 00,000,061 | ---- | C] () – C:\WINDOWS\smscfg.ini
[2006-04-18 23:30:58 | 03,596,288 | ---- | C] () – C:\WINDOWS\System32\qt-dx331.dll
[2006-02-25 14:12:34 | 00,180,224 | ---- | C] () – C:\WINDOWS\System32\xvidvfw.dll
[2006-02-25 14:09:38 | 00,774,144 | ---- | C] () – C:\WINDOWS\System32\xvidcore.dll
[2006-01-02 21:16:32 | 00,000,010 | ---- | C] () – C:\WINDOWS\System32\ABLKSR.ini
[2005-02-17 10:07:48 | 00,005,632 | ---- | C] () – C:\WINDOWS\System32\drivers\ATKACPI.sys
[2004-11-24 07:38:18 | 00,007,424 | ---- | C] () – C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2004-11-24 07:38:18 | 00,002,538 | ---- | C] () – C:\WINDOWS\System32\OEMINFO.INI
[2004-10-11 11:19:00 | 00,092,672 | ---- | C] () – C:\WINDOWS\System32\ASUSASV2.DLL
[2004-09-16 13:26:40 | 00,012,634 | ---- | C] () – C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2004-09-16 13:26:40 | 00,012,634 | ---- | C] () – C:\WINDOWS\ADFUUD.SYS
[2004-07-08 13:34:58 | 00,077,824 | ---- | C] () – C:\WINDOWS\System32\vorbisfile.dll
[2004-07-08 13:34:56 | 01,015,808 | ---- | C] () – C:\WINDOWS\System32\vorbisenc.dll
[2004-07-08 13:34:52 | 01,200,128 | ---- | C] () – C:\WINDOWS\System32\vorbis.dll
[2004-07-08 13:32:40 | 00,049,152 | ---- | C] () – C:\WINDOWS\System32\ogg.dll
========== Custom Scans ==========
< :Processes >
< Explorer.EXE >
< >
< :OTL >
< O4 - HKCU…\RunOnce: [shockwave Updater] C:\WINDOWS\System32\ADOBE\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla\4.0 ( File not found >
< [2009-12-19 16:57:49 | 00,579,072 | ---- | C] (Microsoft Corporation) – C:\WINDOWS\System32\pkurnpnlhb >
< [2009-10-07 13:06:08 | 00,290,816 | ---- | C] () – C:\WINDOWS\System32\nvaux32.dll >
< [2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56spn.dll >
< [2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56itl.dll >
< [2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56eng.dll >
< [2006-06-06 17:49:07 | 00,069,632 | R— | C] () – C:\WINDOWS\sm56brz.dll >
< [2006-06-06 17:49:07 | 00,061,440 | R— | C] () – C:\WINDOWS\sm56ger.dll >
< [2006-06-06 17:49:07 | 00,061,440 | R— | C] () – C:\WINDOWS\sm56fra.dll >
< [2006-06-06 17:49:07 | 00,053,248 | R— | C] () – C:\WINDOWS\sm56jpn.dll >
< [2006-06-06 17:49:07 | 00,049,152 | R— | C] () – C:\WINDOWS\sm56cht.dll >
< [2006-06-06 17:49:07 | 00,049,152 | R— | C] () – C:\WINDOWS\sm56chs.dll >
< >
< :Files >
< C:\WINDOWS\System32\pkurnpnlhb >
< C:\WINDOWS\System32\nvaux32.dll >
[2009-10-07 13:06:10 | 00,290,816 | ---- | M] () – C:\WINDOWS\system32\nvaux32.dll
[1 C:\WINDOWS\System32*.tmp files -> C:\WINDOWS\System32*.tmp ->]
< End of report >
Zawartość logów wklejasz na wklej.org, wklej.to lub nopaste.pl, a w poście dajesz link.
Po wklejeniu skryptu w OTL miałeś kliknąć Run Fix , a nie Run Scan.
zrobilem najpierw run fix, ale w trakcie zaczeło się zacinać, bez przerwy pasek na dole się załadowywał. Trwało to jakieś 5 minut i potem już sam wyłączyłem komputer. Potem tak jak mi kazaliście zrobiłem run scan, a raport wkleiłem tutaj. To ja już nie wiem co robić
Pobierz The Avenger.W okienku, które się otworzy wklej:
kopiuj >> klikasz na Paste Script from Clipboard >> Execute >> Potwierdzasz i zgadzasz się na restart klikając OK.
Kasujesz ręcznie z dysku plik: C:\Avenger\backup.zip i wklejasz na forum raport: C:\avenger.txt
Wykonaj pełny skan Dr. Web CureIt
Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File “C:\WINDOWS\System32\nvaux32.dll” deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Zaraz zabiore się za skanowanie. A czy przypadkiem usunięcie tego pliku systemowego w jakiś sposób nie zaburzy równowagi systemu? Za co odpowiada ten skrypt?
To jest syf i ostatni raz napiszę - Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052
Dobra, wielkie dzięki za pomoc. Uważam temat za zamknięty.