Zawieszanie się kompa, problemy z funkcjonowaniem [gmer, otl

**Posty:** 214 · przez **muzzy17** 16 Kwi 2011, 13:29

Kod: Zaznacz wszystko: GMER 1.0.15.15570 - http://www.gmer.net Rootkit scan 2011-04-16 13:15:53 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 WDC_WD600BB-00CAA1 rev.17.07W17 Running: sr15vh5p.exe; Driver: C:\DOCUME~1\aaa\USTAWI~1\Temp\pxtdrpow.sys ---- System - GMER 1.0.15 ---- SSDT Lbd.sys ZwCreateKey [0xF9A8187E] SSDT Lbd.sys ZwSetValueKey [0xF9A81BFE] ---- Kernel code sections - GMER 1.0.15 ---- ? Lbd.sys Nie można odnaleźć określonego pliku. ! ? C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys Nie można odnaleźć określonego pliku. ! ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\svchost.exe[596] ole32.dll!CoCreateInstance 774F057E 5 Bytes JMP 0084000A .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 4452F341 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 446C1777 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 446C16F8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 446C173C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 446C1684 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 446C16BE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 446C17B2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1376] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 445516B6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Common Files\LightScribe\LSSrvc.exe[156] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 0013941E IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\WINDOWS\system32\nvsvc32.exe[212] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\services.exe [ntdll.dll!NtQueryDirectoryFile] 00F45B01 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00F45B01 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00F45A4D IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00F459E8 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00F459B6 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 00F4947D IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 00F4947D IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00F49448 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00F46062 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 00F4941E IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 00F493C1 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00F45DBA IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00F49448 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00F46062 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00F45B01 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 00F4947D IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 00F4941E IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 00F493C1 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00F46062 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00F49448 IAT C:\WINDOWS\system32\services.exe[432] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00F45DBA IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00E05B01 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00E05A4D IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00E059E8 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00E059B6 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\LSASRV.dll [ntdll.dll!LdrLoadDll] 00E05A4D IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00E05B01 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!LdrLoadDll] 00E05A4D IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SAMSRV.dll [ntdll.dll!LdrGetProcedureAddress] 00E059E8 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00E05DBA IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00E09448 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00E06062 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 00E0947D IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 00E0941E IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 00E093C1 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00E06062 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00E09448 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00E05DBA IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 00E0947D IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00E09448 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00E06062 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 00E0941E IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 00E093C1 IAT C:\WINDOWS\system32\lsass.exe[444] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 00E0947D IAT C:\WINDOWS\system32\svchost.exe[596] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00B759B6 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00405B01 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00405A4D IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 004059E8 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 004059B6 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00405DBA IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 0040941E IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 004093C1 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00405DBA IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0040941E IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 004093C1 IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\System32\svchost.exe[620] @ C:\WINDOWS\System32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00405B01 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00E35B01 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00E35A4D IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00E359E8 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00E359B6 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00E35DBA IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00E39448 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00E36062 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 00E3947D IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 00E3941E IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 00E393C1 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00E36062 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00E39448 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00E35DBA IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 00E3947D IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00E39448 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00E36062 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 00E3941E IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 00E393C1 IAT C:\WINDOWS\system32\svchost.exe[652] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 00E3947D IAT C:\WINDOWS\system32\svchost.exe[652] @ c:\windows\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00E35B01 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00DC5B01 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00DC5A4D IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00DC59E8 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00DC59B6 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00DC5DBA IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00DC9448 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00DC6062 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 00DC947D IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 00DC941E IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 00DC93C1 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00DC6062 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00DC9448 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00DC5DBA IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 00DC947D IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00DC9448 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00DC6062 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 00DC941E IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 00DC93C1 IAT C:\WINDOWS\System32\svchost.exe[708] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 00DC947D IAT C:\WINDOWS\System32\svchost.exe[708] @ c:\windows\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00DC5B01 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 006A5B01 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 006A5A4D IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 006A59E8 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 006A59B6 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 006A5DBA IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 006A9448 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 006A6062 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 006A947D IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 006A941E IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 006A93C1 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 006A6062 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 006A9448 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 006A5DBA IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 006A947D IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 006A9448 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 006A6062 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 006A941E IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 006A93C1 IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 006A947D IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 006A5B01 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\Explorer.EXE [USER32.dll!TranslateMessage] 015B6062 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\Explorer.EXE [USER32.dll!BeginPaint] 015B93C1 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\Explorer.EXE [USER32.dll!EndPaint] 015B941E IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\Explorer.EXE [USER32.dll!DefWindowProcW] 015B9448 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 015B5B01 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 015B5A4D IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 015B59E8 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 015B59B6 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 015B5DBA IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 015B9448 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 015B6062 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 015B947D IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 015B9448 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 015B6062 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 015B941E IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 015B93C1 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 015B947D IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 015B947D IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 015B941E IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 015B93C1 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 015B6062 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 015B9448 IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 015B5DBA IAT C:\WINDOWS\Explorer.EXE[984] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 015B5B01 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 0013941E IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\WINDOWS\htpatch.exe[1208] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 0013941E IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe[1320] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Internet Explorer\iexplore.exe[1376] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00405B01 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00405A4D IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 004059E8 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 004059B6 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00405DBA IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 0040941E IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 004093C1 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00405DBA IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0040941E IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 004093C1 IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\system32\spoolsv.exe[1408] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00405B01 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00085B01 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00085A4D IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 000859E8 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 000859B6 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00085DBA IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00089448 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00086062 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 0008947D IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 0008941E IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 000893C1 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00086062 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00089448 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00085DBA IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0008947D IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00089448 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00086062 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0008941E IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 000893C1 IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0008947D IAT C:\WINDOWS\system32\ctfmon.exe[1504] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00085B01 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00405B01 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00405A4D IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 004059E8 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 004059B6 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00405DBA IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!EndPaint] 0040941E IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!BeginPaint] 004093C1 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00405DBA IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00409448 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00406062 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0040941E IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 004093C1 IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0040947D IAT C:\WINDOWS\System32\svchost.exe[1896] @ C:\WINDOWS\System32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00405B01 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[1980] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 0013941E IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Program Files\Bonjour\mDNSResponder.exe[1996] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00135A4D IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001359E8 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 001359B6 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\WININET.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!EndPaint] 0013941E IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcA] 0013947D IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!EndPaint] 0013941E IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!BeginPaint] 001393C1 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 00136062 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!DefWindowProcW] 00139448 IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 00135DBA IAT C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe[3084] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00135B01 ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 81B214BF Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 81B214BF Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP0T1L0-c 81B214BF AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) Device \Device\Ide\IdeDeviceP0T0L0-4 -> \??\IDE#DiskWDC_WD600BB-00CAA1______________________17.07W17#4457572d414d4538323738303130_033_0_0_0_0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found ---- Files - GMER 1.0.15 ---- File C:\WINDOWS\SYSTEM32\sdra64.exe File C:\WINDOWS\SYSTEM32\lowsec File C:\WINDOWS\SYSTEM32\lowsec\local.ds File C:\WINDOWS\SYSTEM32\lowsec\user.ds.lll File C:\WINDOWS\SYSTEM32\lowsec\user.ds ---- EOF - GMER 1.0.15 ----

Kod: Zaznacz wszystko: OTL logfile created on: 2011-04-16 13:17:33 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\aaa\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Poland | Language: plk | Date Format: yyyy-MM-dd 255,00 Mb Total Physical Memory | 121,00 Mb Available Physical Memory | 47,00% Memory free 618,00 Mb Paging File | 386,00 Mb Available in Paging File | 62,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55,88 Gb Total Space | 8,67 Gb Free Space | 15,52% Space Free | Partition Type: FAT32 Computer Name: AAA | User Name: aaa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-04-16 13:15:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aaa\Pulpit\OTL.exe PRC - [2009-10-13 20:00:08 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2002-10-30 11:40:34 | 000,028,672 | R--- | M] () -- C:\WINDOWS\htpatch.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-04-16 13:15:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aaa\Pulpit\OTL.exe MOD - [2009-10-13 20:00:08 | 000,024,685 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL MOD - [2008-04-14 19:21:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\wsock32.dll MOD - [2008-04-14 18:59:08 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll MOD - [2006-05-03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\framedyn.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- -- (SSHNAS) SRV - File not found [Auto | Stopped] -- -- (SPService) SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2009-10-13 20:00:08 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService) SRV - [2007-10-19 19:14:20 | 000,000,000 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\SYSTEM32\UTSCSI.EXE -- (UTSCSI) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Running] -- -- (Lavasoft Kernexplorer) DRV - [2008-04-13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum) DRV - [2005-08-30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_mdm.sys -- (ss_mdm) DRV - [2005-08-30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_mdfl.sys -- (ss_mdfl) DRV - [2005-08-30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) DRV - [2003-04-01 11:51:30 | 000,719,052 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2002-10-31 05:58:42 | 000,030,848 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp) DRV - [2001-08-23 21:03:54 | 000,025,434 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.sys -- (rtl8139) DRV - [2001-08-17 22:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 21:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_V124.sys -- (V124) DRV - [2001-08-17 21:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_TONE.sys -- (Tones) DRV - [2001-08-17 21:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_MSFT.sys -- (hsf_msft) DRV - [2001-08-17 21:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_SAMP.sys -- (Rksample) DRV - [2001-08-17 21:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_K56K.sys -- (K56) DRV - [2001-08-17 21:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_FALL.sys -- (Fallback) DRV - [2001-08-17 21:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_FAXX.sys -- (SoftFax) DRV - [2001-08-17 21:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_FSKS.sys -- (Fsks) DRV - [2001-08-17 21:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_BSC2.sys -- (basic2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "MyWebSearch" FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm490YYPL&fl=0&ptb=qDmEkSpENFTony24fBxQGw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=" [2009-06-06 18:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aaa\Dane aplikacji\Mozilla\Extensions [2009-06-06 18:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\aaa\Dane aplikacji\Mozilla\Firefox\Profiles\w96qmwhl.default\extensions [2009-10-18 12:33:06 | 000,009,949 | ---- | M] () -- C:\Documents and Settings\aaa\Dane aplikacji\Mozilla\Firefox\Profiles\w96qmwhl.default\searchplugins\mywebsearch.xml [2009-06-07 20:47:10 | 000,222,720 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\SaveComponent.dll [2009-10-13 20:00:08 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll [2010-12-01 12:12:58 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml.moz-backup [2010-12-01 12:12:58 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml.moz-backup [2010-12-01 12:12:58 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml.moz-backup [2010-12-01 12:12:58 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml.moz-backup [2010-12-01 12:12:58 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml.moz-backup [2010-12-01 12:12:58 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml.moz-backup O1 HOSTS File: ([2009-06-06 18:06:22 | 000,000,746 | RHS- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com) O3 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.) O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com) O4 - HKU\.DEFAULT..\Run: [inetserver.exe] C:\inetserver.exe\inetserver.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [inetserver.exe] C:\inetserver.exe\inetserver.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data] O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.) O15 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..Trusted Domains: ([]msn in My Computer) O15 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..Trusted Domains: staregry.pl ([www] https in Zaufane witryny) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab (Reg Error: Key error.) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe File not found O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - File not found O20 - Winlogon\Notify\cbssreg: DllName - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll - File not found O20 - Winlogon\Notify\mputreg: DllName - mputreg.dll - C:\WINDOWS\System32\mputreg.dll () O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\aaa\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\aaa\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\dotnet3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnet3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnet3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx30SP1setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx30SP1setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx30SP1setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx35.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx35[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx35[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx35setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx35setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx35setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\dotnetfx3setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx20SP2_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx30SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx30SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx30SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx30SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx30SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx30SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx35_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O27 - HKLM IFEO\NetFx64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-10-18 19:31:34 | 000,000,194 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2010-09-27 14:01:56 | 000,011,968 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ FAT32 ] O33 - MountPoints2\{52860a70-7f36-11dc-a9ae-000d610bb48b}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe O33 - MountPoints2\{52860a70-7f36-11dc-a9ae-000d610bb48b}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe O33 - MountPoints2\{6fe00120-e596-11de-af8d-000d610bb48b}\Shell - "" = AutoRun O33 - MountPoints2\{6fe00120-e596-11de-af8d-000d610bb48b}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL xeAXa.eXE O33 - MountPoints2\{bab18b97-7e5b-11dc-a9ab-000d610bb48b}\Shell\AutoRun\command - "" = G:\USBNB.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-04-16 13:15:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\aaa\Pulpit\OTL.exe [2011-04-16 13:09:43 | 000,607,288 | ---- | C] (Duplex Secure Ltd.) -- C:\Documents and Settings\aaa\Pulpit\SPTDinst-v178-x86.exe [2011-04-16 13:04:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\aaa\Recent [2011-04-16 12:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\ToniArts [2011-04-16 12:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EasyCleaner [2011-04-16 12:44:16 | 002,951,802 | ---- | C] (InstallShield Software Corporation) -- C:\Documents and Settings\aaa\Pulpit\EClea2_0.exe [2011-04-12 00:59:20 | 000,000,000 | -HSD | C] -- C:\FOUND.000 [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-04-16 13:15:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\aaa\Pulpit\OTL.exe [2011-04-16 13:12:54 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe [2011-04-16 13:09:48 | 000,607,288 | ---- | M] (Duplex Secure Ltd.) -- C:\Documents and Settings\aaa\Pulpit\SPTDinst-v178-x86.exe [2011-04-16 12:44:24 | 002,951,802 | ---- | M] (InstallShield Software Corporation) -- C:\Documents and Settings\aaa\Pulpit\EClea2_0.exe [2011-04-16 12:26:32 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011-04-16 12:24:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2011-04-16 12:24:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011-04-16 11:36:00 | 006,553,600 | -H-- | M] () -- C:\Documents and Settings\aaa\NTUSER.DAT [2011-04-16 11:36:00 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\aaa\ntuser.ini [2011-04-16 11:22:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011-04-15 21:21:18 | 002,530,426 | -H-- | M] () -- C:\Documents and Settings\aaa\Dane aplikacji\IconCache.db [2011-04-15 18:17:24 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\aaa\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-04-13 17:49:56 | 000,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys [2011-04-08 18:31:40 | 000,000,572 | ---- | M] () -- C:\Documents and Settings\aaa\Moje dokumenty\spider.sav [2011-04-06 16:02:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011-03-27 19:25:42 | 000,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-04-16 13:12:52 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\aaa\Pulpit\sr15vh5p.exe [2011-03-30 18:11:41 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\aaa\Menu Start\Programy\Windows Media Player.lnk [2011-01-17 15:57:28 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\mputreg.dll [2010-11-26 08:27:26 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini [2010-09-02 17:11:15 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2010-05-21 15:38:18 | 000,000,039 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010-04-12 04:58:42 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat [2009-06-06 18:01:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009-05-26 09:52:26 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-05-26 09:52:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009-05-26 09:52:24 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009-05-26 09:52:24 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009-05-26 09:52:23 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009-05-26 09:52:22 | 000,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-05-26 09:52:22 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-11-01 12:50:04 | 002,530,426 | -H-- | C] () -- C:\Documents and Settings\aaa\Dane aplikacji\IconCache.db [2008-06-14 18:09:55 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wa.INI [2008-05-28 20:34:02 | 000,166,400 | ---- | C] () -- C:\WINDOWS\RemLomax.exe [2008-03-02 20:26:17 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2008-01-16 17:02:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [2008-01-16 17:01:08 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2008-01-03 16:48:34 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2007-12-13 11:53:58 | 000,000,046 | ---- | C] () -- C:\WINDOWS\adiras.ini [2007-11-07 17:32:14 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2007-11-07 13:30:14 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2007-10-19 18:01:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-10-19 17:58:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\UTSCSI.EXE [2007-10-19 16:56:27 | 000,001,007 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2007-10-19 16:53:05 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll [2007-10-19 16:53:05 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll [2007-10-19 16:51:55 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll [2007-10-19 16:51:55 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin [2007-10-19 16:51:55 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini [2007-10-19 16:47:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS50.DLL [2007-10-19 16:35:10 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2007-10-19 16:33:08 | 000,028,672 | R--- | C] () -- C:\WINDOWS\htpatch.exe [2007-10-19 16:33:08 | 000,003,072 | R--- | C] () -- C:\WINDOWS\winio.sys [2007-10-19 16:28:32 | 000,016,992 | ---- | C] () -- C:\Documents and Settings\aaa\Dane aplikacji\GDIPFONTCACHEV1.DAT [2007-10-19 16:21:27 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2007-10-19 16:21:24 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2007-10-18 20:45:24 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\aaa\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-10-18 19:59:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2007-10-18 19:57:09 | 000,012,484 | ---- | C] () -- C:\WINDOWS\IOS.INI [2007-10-18 19:57:09 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI [2007-10-18 19:57:09 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI [2007-10-18 19:57:09 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI [2007-10-18 19:57:09 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI [2007-10-18 19:57:09 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI [2007-10-18 19:57:09 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI [2007-10-18 19:57:09 | 000,000,028 | ---- | C] () -- C:\WINDOWS\QTW.INI [2007-10-18 19:57:09 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI [2007-10-18 19:57:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini [2007-10-18 19:56:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2007-10-18 19:55:51 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2007-10-18 19:55:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2007-10-18 19:54:09 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007-10-18 19:53:57 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2007-10-18 19:53:57 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2007-10-18 19:53:25 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2007-10-18 19:53:24 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2007-10-18 19:46:29 | 000,933,392 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2007-10-18 19:46:29 | 000,004,473 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007-10-18 19:45:43 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007-10-18 19:29:35 | 000,188,448 | RH-- | C] () -- C:\WINDOWS\HWINFO.DAT [2007-10-18 19:28:38 | 000,023,453 | -H-- | C] () -- C:\Program Files\folder.htt [2004-08-02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2001-10-26 17:30:20 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2001-10-26 17:29:54 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe [2001-10-26 17:29:42 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-10-26 17:29:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2001-10-26 17:29:36 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2001-10-26 17:29:36 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2001-10-26 17:29:32 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2001-10-26 17:29:26 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatUI.dll [2001-10-26 17:29:26 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2001-10-26 17:28:44 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2001-10-26 17:28:34 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2001-10-26 17:27:02 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2001-10-26 16:21:06 | 000,033,936 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2001-10-26 16:15:16 | 000,437,978 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat [2001-10-26 16:15:16 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat [2001-10-26 16:15:16 | 000,057,860 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat [2001-10-26 16:15:16 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat [2001-10-26 16:15:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe [2001-10-26 16:15:08 | 000,011,859 | ---- | C] () -- C:\WINDOWS\System32\setver.exe [2001-10-26 16:15:08 | 000,003,260 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe [2001-10-26 16:15:06 | 000,003,346 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2001-10-26 16:15:04 | 000,027,898 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2001-10-26 16:14:58 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2001-10-26 16:14:56 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\mem.exe [2001-10-26 16:14:54 | 000,014,913 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2001-10-26 16:14:54 | 000,001,168 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2001-10-26 16:14:52 | 000,004,976 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2001-10-26 16:14:50 | 000,019,806 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2001-10-26 16:14:48 | 000,008,520 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2001-10-26 16:14:46 | 000,012,866 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2001-10-26 16:14:44 | 000,053,920 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2001-10-26 16:14:42 | 000,020,986 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2001-10-26 16:14:38 | 000,051,823 | ---- | C] () -- C:\WINDOWS\System32\command.com [2001-10-26 16:14:34 | 000,012,594 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2001-10-26 16:14:32 | 000,009,043 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2001-10-26 16:12:52 | 000,000,359 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2001-10-26 15:45:26 | 000,016,024 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2001-10-26 15:45:26 | 000,006,074 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2001-10-26 15:45:24 | 000,013,819 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2001-10-26 15:45:10 | 000,070,622 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2001-10-26 15:42:08 | 000,020,629 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2001-10-26 15:42:08 | 000,002,992 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2001-10-26 15:42:08 | 000,002,890 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2001-10-26 15:42:08 | 000,001,295 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2001-08-23 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001-08-23 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001-08-17 21:35:10 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2001-08-17 21:32:34 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2001-08-17 21:31:56 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2001-08-17 21:31:56 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2001-08-17 21:31:54 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2001-08-17 21:31:50 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2001-08-17 21:31:46 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2001-08-17 21:31:46 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2001-08-17 21:31:44 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2001-08-17 21:31:38 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2001-08-17 21:31:38 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2001-08-17 21:31:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2001-08-17 21:31:36 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2001-08-17 21:30:24 | 000,383,808 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001-08-17 21:30:24 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2001-08-17 21:30:24 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2001-08-17 21:30:22 | 000,046,966 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001-08-17 21:15:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2001-08-17 21:13:24 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2001-08-17 19:55:06 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2001-07-22 03:43:48 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2001-07-22 02:25:18 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2001-07-21 22:36:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2001-07-21 22:36:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2001-07-21 22:24:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2001-07-21 22:16:20 | 000,001,695 | ---- | C] () -- C:\WINDOWS\win.ini [2001-07-21 22:15:52 | 000,000,324 | ---- | C] () -- C:\WINDOWS\system.ini [2001-07-21 22:15:50 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [1980-01-01 00:00:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\HCOUNT.EXE [1980-01-01 00:00:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ICMFILTER.DLL [1980-01-01 00:00:00 | 000,019,131 | ---- | C] () -- C:\WINDOWS\SETVER.EXE [1980-01-01 00:00:00 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [1980-01-01 00:00:00 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [color=#E56717]========== LOP Check ==========[/color] [2008-04-12 18:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\phenomedia [2008-12-06 18:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2010-04-11 23:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PopCap Games [2010-08-07 20:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-12-04 00:05:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2010-12-04 00:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2010-08-21 21:12:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\~0 [2007-10-19 16:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\InterTrust [2007-10-19 17:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\OTi [2007-10-19 17:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\PLAux [2007-11-07 13:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\EPSON [2007-11-17 12:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\GHISLER [2007-12-14 15:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\Gadu-Gadu [2008-01-16 17:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\Samsung [2008-01-16 17:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\Temporary [2008-01-16 17:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\TransRender [2008-01-16 17:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\ConvertTemp [2009-05-07 19:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\Save [2010-08-07 20:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\DAEMON Tools Lite [2010-09-02 16:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\uTorrent [2010-11-09 18:48:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\OpenCandy [2010-12-04 00:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\TuneUp Software [2010-12-10 07:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\Thinstall [2011-03-03 23:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aaa\Dane aplikacji\DOSBox [2011-04-16 12:26:32 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-04-16 13:17:33 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\aaa\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Poland | Language: plk | Date Format: yyyy-MM-dd 255,00 Mb Total Physical Memory | 121,00 Mb Available Physical Memory | 47,00% Memory free 618,00 Mb Paging File | 386,00 Mb Available in Paging File | 62,00% Paging File free Paging file location(s): C:\pagefile.sys 384 768 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55,88 Gb Total Space | 8,67 Gb Free Space | 15,52% Space Free | Partition Type: FAT32 Computer Name: AAA | User Name: aaa | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1185566F-12ED-3EF0-89CC-38866DCE1EEE}" = Microsoft .NET Framework 3.0 Client Service Pack 2 "{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1 "{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes "{350C97C2-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{5BBC0864-D5FC-4A5E-8346-5450B9B57EEE}" = Speech 5.1 English Engines "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel "{6C5D7191-140A-11D6-B5A0-0050DA208A93}" = ArcSoft PhotoImpression "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour "{95120000-00AF-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Polish) "{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup "{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5 "{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility "{CAAFB8F9-F8D1-3D27-9AAA-6301A4429440}" = Microsoft .NET Framework 2.0 Client Service Pack 2 "{D617A4DC-C915-3F25-BE43-57E5FD99B441}" = Microsoft .NET Framework 3.5 Client Service Pack 1 "{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb "{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V4.X "BitComet" = BitComet 0.62 "CANONBJ_Deinstall_CNMCP50.DLL" = Canon i250 "DT2" = Deutsch Translator 2 "Easy-WebPrint" = Easy-WebPrint "Enable S3 for USB Device" = Enable S3 for USB Device "EPSON Photo Print" = EPSON Photo Print "ET3" = English Translator 3 "Gadu-Gadu" = Gadu-Gadu 7.7 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.5 (Full) "Kurka Wodna 3" = Kurka Wodna 3 "Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile "MyWebSearch bar Uninstall" = My Web Search (Cursor Mania) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA" = NVIDIA Windows 2000/XP Display Drivers "RealAlt_is1" = Real Alternative 2.0.1 "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.3 "Winamp Toolbar" = Winamp Toolbar for Internet Explorer "Winamp3" = Winamp3 (remove only) "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = Archiwizator WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-03-17 17:54:36 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca firefox.exe, wersja 1.9.2.3989, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-27 17:30:50 | Computer Name = AAA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd allplayer.exe, wersja 4.4.6.9, moduł powodujący błąd allplayer.exe, wersja 4.4.6.9, adres błędu 0x00149dc8. Error - 2011-03-29 14:36:16 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WinRAR.exe, wersja 3.51.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-03-29 14:37:39 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WinRAR.exe, wersja 3.51.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-04-04 16:40:53 | Computer Name = AAA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd allplayer.exe, wersja 4.4.6.9, moduł powodujący błąd allplayer.exe, wersja 4.4.6.9, adres błędu 0x0000588c. Error - 2011-04-13 10:57:37 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca napisy.exe, wersja 1.0.6.9, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-04-13 10:57:52 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca napisy.exe, wersja 1.0.6.9, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-04-14 15:45:03 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WinRAR.exe, wersja 3.51.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-04-14 15:45:03 | Computer Name = AAA | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca WinRAR.exe, wersja 3.51.0.0, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2011-04-16 07:12:30 | Computer Name = AAA | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd fdqhx9m3[1].exe, wersja 1.0.15.15570, moduł powodujący błąd fdqhx9m3[1].exe, wersja 1.0.15.15570, adres błędu 0x0000c6ff. [ System Events ] Error - 2011-04-16 05:22:45 | Computer Name = AAA | Source = Ftdisk | ID = 262189 Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error - 2011-04-16 05:22:45 | Computer Name = AAA | Source = Ftdisk | ID = 262193 Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się. Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco duży, aby zawierać całą pamięć fizyczną. Error - 2011-04-16 05:22:45 | Computer Name = AAA | Source = Service Control Manager | ID = 7023 Description = Usługa SPService zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-04-16 05:22:45 | Computer Name = AAA | Source = Service Control Manager | ID = 7023 Description = Usługa SSHNAS zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-04-16 05:22:45 | Computer Name = AAA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193 Error - 2011-04-16 06:24:40 | Computer Name = AAA | Source = Ftdisk | ID = 262189 Description = System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error - 2011-04-16 06:24:40 | Computer Name = AAA | Source = Ftdisk | ID = 262193 Description = Konfigurowanie pliku strony dla zrzutu awaryjnego nie powiodło się. Upewnij się, że na partycji rozruchowej znajduje się plik strony i że jest wystarczająco duży, aby zawierać całą pamięć fizyczną. Error - 2011-04-16 06:24:41 | Computer Name = AAA | Source = Service Control Manager | ID = 7023 Description = Usługa SPService zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-04-16 06:24:41 | Computer Name = AAA | Source = Service Control Manager | ID = 7023 Description = Usługa SSHNAS zakończyła działanie; wystąpił następujący błąd: %%126 Error - 2011-04-16 06:24:41 | Computer Name = AAA | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193 < End of report >

**Posty:** 18165 · przez **wojtas** 17 Kwi 2011, 13:26

proszę następnym razem szerzej opisać problem...

odinstaluj Winamp Toolbar, My Web Search

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
PRC - [2009-10-13 20:00:08 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
MOD - [2009-10-13 20:00:08 | 000,024,685 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
SRV - File not found [Auto | Stopped] -- -- (SSHNAS)
SRV - File not found [Auto | Stopped] -- -- (SPService)
SRV - [2009-10-13 20:00:08 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Stopped] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
DRV - File not found [Kernel | On_Demand | Running] -- -- (Lavasoft Kernexplorer)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..keyword.URL: "http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm490YYPL&fl=0&ptb=qDmEkSpENFTony24fBxQGw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="
[2009-10-18 12:33:06 | 000,009,949 | ---- | M] () -- C:\Documents and Settings\aaa\Dane aplikacji\Mozilla\Firefox\Profiles\w96qmwhl.default\searchplugins\mywebsearch.xml
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\S-1-5-21-2000478354-573735546-725345543-1003\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\SYSTEM\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe File not found
O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - File not found
O20 - Winlogon\Notify\cbssreg: DllName - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll - File not found
O20 - Winlogon\Notify\mputreg: DllName - mputreg.dll - C:\WINDOWS\System32\mputreg.dll ()
O27 - HKLM IFEO\dotnet3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)

O32 - AutoRun File - [2010-09-27 14:01:56 | 000,011,968 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ FAT32 ]
O33 - MountPoints2\{52860a70-7f36-11dc-a9ae-000d610bb48b}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe
O33 - MountPoints2\{52860a70-7f36-11dc-a9ae-000d610bb48b}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe
O33 - MountPoints2\{6fe00120-e596-11de-af8d-000d610bb48b}\Shell - "" = AutoRun
O33 - MountPoints2\{6fe00120-e596-11de-af8d-000d610bb48b}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL xeAXa.eXE
O33 - MountPoints2\{bab18b97-7e5b-11dc-a9ab-000d610bb48b}\Shell\AutoRun\command - "" = G:\USBNB.exe

:Files
C:\WINDOWS\SYSTEM32\sdra64.exe
C:\WINDOWS\SYSTEM32\lowsec\local.ds
C:\WINDOWS\SYSTEM32\lowsec\user.ds.lll
C:\WINDOWS\SYSTEM32\lowsec\user.ds
C:\WINDOWS\SYSTEM32\lowsec
C:\Program Files\MyWebSearch
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\Program Files\Lavasoft\Ad-Aware

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).

Zawieszanie się kompa, problemy z funkcjonowaniem [gmer, otl

Zawieszanie się kompa, problemy z funkcjonowaniem [gmer, otl

Zawieszanie się kompa, problemy z funkcjonowaniem [gmer, otl

Kto jest na forum